Array index error in the __sock_diag_rcv_msg function in net/core/sock_diag.c in the Linux kernel before 3.7.10 allows local users to gain privileges via a large family value in a Netlink message. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 16.4%.
Linux
Information Disclosure
Linux Kernel
NVD
Exploit-DB
GitHub
CVSS 2.0
7.2
EPSS
16.4%