First published: Wed Aug 09 2017(Updated: )
In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stable tree, and 4.4-stable tree.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Linux Linux kernel | >=3.18<3.18.64 | |
Linux Linux kernel | >=3.19<=4.4.80 | |
Linux Linux kernel | >=4.5<=4.9.41 | |
Linux Linux kernel | >=4.10<=4.12.5 | |
Canonical Ubuntu Linux | =12.04 | |
Canonical Ubuntu Linux | =14.04 | |
debian/linux | 5.10.223-1 5.10.226-1 6.1.115-1 6.1.119-1 6.11.10-1 6.12.5-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-12762 is a vulnerability in the Linux kernel that allows for buffer overflow by copying a user-controlled buffer into a local buffer of constant size without a length check.
CVE-2017-12762 affects the Linux kernel 4.9-stable, 4.12-stable, 3.18-stable, and 4.4-stable versions.
CVE-2017-12762 is a vulnerability that can lead to a buffer overflow, which can be exploited by an attacker to execute arbitrary code or crash the system.
Yes, there are fixes available for CVE-2017-12762. Users should update their Linux kernel to a version that includes the fix.
You can find more information about CVE-2017-12762 at the following references: [Patchwork](https://patchwork.kernel.org/patch/9880041/), [SecurityFocus](http://www.securityfocus.com/bid/100251), [Ubuntu Security Notice](https://usn.ubuntu.com/3620-1/)