In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls.
4.4.0-179.2094.4.0-1107.1184.15.0-1066.70~16.04.14.15.0-1082.92~16.04.14.15.0-1061.654.15.0-99.100~16.04.14.10.0-14.16~16.04.14.10.0-19.21~16.04.14.10.0-20.22~16.04.14.10.0-21.23~16.04.14.10.0-22.24~16.04.14.10.0-24.28~16.04.14.10.0-26.30~16.04.14.11.0-13.19~16.04.14.11.0-14.20~16.04.14.13.0-16.19~16.04.3+13 more4.4.0-1071.784.15.0-1038.42~16.04.14.4.0-1133.142Exploitability
AV:LAC:HPR:LUI:NScope
S:UImpact
C:NI:LA:HCVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H