The tipc_nl_publ_dump function in net/tipc/socket.c in the Linux kernel through 4.6 does not verify socket existence, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a dumpit operation.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Linux_kernel | Linux | 3.19 (including) | 4.1.28 (excluding) |
Linux_kernel | Linux | 4.2 (including) | 4.4.14 (excluding) |
Linux_kernel | Linux | 4.5 (including) | 4.6.3 (excluding) |