CVE-2017-16939

Name	CVE-2017-16939
Description	The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DLA-1200-1, DSA-4082-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
linux (PTS)	bullseye	5.10.218-1	fixed
	bullseye (security)	5.10.221-1	fixed
	bookworm	6.1.94-1	fixed
	bookworm (security)	6.1.90-1	fixed
	trixie	6.9.8-1	fixed
	sid	6.9.9-1	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Origin
linux	source	wheezy	3.2.96-1	DLA-1200-1
linux	source	jessie	3.16.51-3+deb8u1	DSA-4082-1
linux	source	stretch	4.9.65-1
linux	source	(unstable)	4.13.13-1

Fixed by: https://git.kernel.org/linus/1137b5e2529a8f5ca8ee709288ecba3e68044df2