Linux kernel is vulnerable to denial of service. It was found that the blk_rq_map_user_iov()
function in the Linux kernel’s block device implementation did not properly restrict the type of iterator, which could allow a local attacker to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging write access to a /dev/sg device.
access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.9_Release_Notes/index.html
access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.9_Technical_Notes/index.html
access.redhat.com/errata/RHSA-2017:0817
access.redhat.com/security/cve/CVE-2017-5551
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1325766
bugzilla.redhat.com/show_bug.cgi?id=847106