Lucene search

[email protected]CVE-2017-18509

HistoryAug 13, 2019 - 2:15 p.m.

CVE-2017-18509

2019-08-1314:15:00

CWE-20

[email protected]

web.nvd.nist.gov

177

cve-2017-18509

linux kernel

net/ipv6/ip6mr.c

remote code execution

security vulnerability

nvd

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.7 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

57.3%

JSON

An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain circumstances. The issue can be triggered as root (e.g., inside a default LXC container or with the CAP_NET_ADMIN capability) or after namespace unsharing. This occurs because sk_type and protocol are not checked in the appropriate part of the ip6_mroute_* functions. NOTE: this affects Linux distributions that use 4.9.x longterm kernels before 4.9.187.

CPENameOperatorVersion
linux:linux_kernellinux linux kernellt4.11
linux:linux_kernellinux linux kernellt4.4.187
linux:linux_kernellinux linux kernellt4.9.187
linux:linux_kernellinux linux kernellt3.16.72
debian:debian_linuxdebian debian linuxeq8.0
canonical:ubuntu_linuxcanonical ubuntu linuxeq16.04
debian:debian_linuxdebian debian linuxeq9.0
debian:debian_linuxdebian debian linuxeq10.0

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	lt	4.11
linux:linux_kernel	linux linux kernel	lt	4.4.187
linux:linux_kernel	linux linux kernel	lt	4.9.187
linux:linux_kernel	linux linux kernel	lt	3.16.72
debian:debian_linux	debian debian linux	eq	8.0
canonical:ubuntu_linux	canonical ubuntu linux	eq	16.04
debian:debian_linux	debian debian linux	eq	9.0
debian:debian_linux	debian debian linux	eq	10.0