← back
CVE-2017-16995

CVE-2017-16995

EPSS 30.1%
Vexday Risk Score
50Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
Exploit maturity
Functional exploit
Popular PoC on GitHub (13 stars) — exploitation code widely available.
CVSS EPSS 30.1%KEV nãoPoC públicaNuclei Metasploit simPatch referenciado
Lifecycle
12 Nov 2017Metasploit module available
22 Dec 2017Published on NVD
16 Mar 2018Public PoC
Weaponization speed
84 daysto first PoC
Recommendation: Plan a near-term fix — a public PoC already exists.
The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4.4 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect sign extension.
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.