Severity
Medium
Analysis Summary
An error related to the “net_hash_mix()” function (include/net/netns/hash.h) can be exploited to disclose certain kernel memory addresses and subsequently bypass KASLR.
Impact
Exposure of sensitive information
Affected Vendors
Linux
Affected Products
Remediation
Update to a fixed version Versions
Versions 3.16.x: Update to version 3.16.70.
Versions 4.4.x: Update to version 4.4.179 or later.
Versions 4.9.x: Update to version 4.9.169 or later.
Versions 4.14.x: Update to version 4.14.112 or later.
Versions 4.19.x: Update to version 4.19.35 or later.