CVE-2016-10229

Critical

udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second…

google_android·CWE-358·Published 2017-04-04

CVSS

9.8

EPSS

0.13

KEV

Exploits

cve.orgen

217 chars

udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag.

NVDen

217 chars

NVDes

272 chars

Udp.c en el kernel de Linux en versiones anteriores a 4.5 permite a los atacantes remotos ejecutar código arbitrario a través del tráfico UDP que dispara un segundo cálculo de checksum inseguro durante la ejecución de una llamada al sistema recv con el indicador MSG_PEEK.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	10.0	10.0	10.0	AV:N/AC:L/Au:N/C:C/I:C/A:C
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H