CVE-2017-11472 -- linux-imageID: oval:org.secpod.oval:def:2001420 | Date: (C)2019-06-02 (M)2024-04-17 |
Class: VULNERABILITY | Family: unix |
The acpi_ns_terminate function in drivers/acpi/acpica/nsutils.c in the Linux kernel before 4.12 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted ACPI table.
Platform: |
Debian 8.x |
Debian 9.x |
Product: |
linux-image-4.9 |
linux-image-3.16 |