Advisories ยป MGASA-2017-0158

Updated libnl3 packages fix security vulnerability

Publication date: 08 Jun 2017
Modification date: 08 Jun 2017
Type: security
Affected Mageia releases : 5
CVE: CVE-2017-0386 , CVE-2017-0553

Description

An elevation of privilege vulnerability in the libnl library could enable
a local malicious application to execute arbitrary code within the context
of a privileged process (CVE-2017-0386).

An integer overflow vulnerability was found in nlmsg_reserve() triggered
by crafted @len argument resulting into reserving too few bytes
(CVE-2017-0553).
                

References

SRPMS

5/core