The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options. (CVE-2017-5970)
Impact
This vulnerability may allow a remote user to cause a denial of service (DoS) for the BIG-IP control plane.
Note: Only the BIG-IP control plane is vulnerable; the data plane is not affected by this vulnerability.