Main
Vulnerability Database
Exploits
ID:6383 - Exploit for Race condition in Linux kernel - CVE-2017-10661
ID:6383 - Exploit for Race condition in Linux kernel - CVE-2017-10661
Published: June 17, 2021
Vulnerability identifier: #VU9693
Vulnerability risk: Low
CVE-ID: CVE-2017-10661
CWE-ID: CWE-362
Exploitation vector: Local access
Vulnerable software:
Linux kernel
Linux kernel
Link to public exploit:
Vulnerability description
The vulnerability allows a local attacker to gain elevated privileges or cause DoS condition on the target system.
The weakness exists due to race condition in fs/timerfd.c in the Linux kernel. A local attacker can use simultaneous file-descriptor operations, leverage improper might_cancel queueing, trigger list corruption or use-after-free and cause the service to crash or execute arbitrary code with root privileges.
The weakness exists due to race condition in fs/timerfd.c in the Linux kernel. A local attacker can use simultaneous file-descriptor operations, leverage improper might_cancel queueing, trigger list corruption or use-after-free and cause the service to crash or execute arbitrary code with root privileges.
Remediation
Update to version 4.10.15.