← back
CVE-2017-11176

CVE-2017-11176

25Vexday Risk Score

No sign of exploitation. It has a public proof of concept.

ssvc Attendepss 3.6%
from disclosure to weapon448 days
Published on NVDJul 11
1st PoC+448d
exploitation probability
3.6%top 12% of all CVEs
observed exploitation
nono source reports it
9 public exploit(s)
The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact.
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.