The bug itself (CVE-2017-7308) is a signedness issue, which leads to an exploitable heap-out-of-bounds write. It can be triggered by providing specific parameters to the PACKET_RX_RING option on an AF_PACKET socket with a TPACKET_V3 ring buffer version enabled.
from #lzodevelopment http://ift.tt/2r0yc0g
via freelance WordPress developer
No comments:
Post a Comment