udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
RCE
Linux
Linux Kernel
Android
NVD
GitHub
CVSS 3.1
9.8
EPSS
0.9%