Vulnerability Description
PCAUSA Rawether framework does not properly validate BPF data, allowing a crafted malicious BPF program to perform operations on memory outside of its typical bounds on the driver's receipt of network packets. Local attackers can exploit this issue to execute arbitrary code with SYSTEM privileges.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Rawether Project | Rawether | - |
| Microsoft | Windows | All versions |
Related Weaknesses (CWE)
References
- http://blog.rewolf.pl/blog/?p=1778ExploitThird Party Advisory
- http://www.securityfocus.com/bid/96993/discussThird Party AdvisoryVDB Entry
- https://www.itsecuritynews.info/vuln-printing-communications-association-rawetheThird Party Advisory
- https://www.kb.cert.org/vuls/id/600671ExploitMitigationThird Party Advisory
- http://blog.rewolf.pl/blog/?p=1778ExploitThird Party Advisory
- http://www.securityfocus.com/bid/96993/discussThird Party AdvisoryVDB Entry
- https://www.itsecuritynews.info/vuln-printing-communications-association-rawetheThird Party Advisory
- https://www.kb.cert.org/vuls/id/600671ExploitMitigationThird Party Advisory
FAQ
What is CVE-2017-3196?
CVE-2017-3196 is a vulnerability with a CVSS score of 7.8 (HIGH). PCAUSA Rawether framework does not properly validate BPF data, allowing a crafted malicious BPF program to perform operations on memory outside of its typical bounds on the driver's receipt of network...
How severe is CVE-2017-3196?
CVE-2017-3196 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-3196?
Check the references section above for vendor advisories and patch information. Affected products include: Rawether Project Rawether, Microsoft Windows.