Lucene search

K
f5F5F5:K01043241
HistoryMar 30, 2018 - 12:00 a.m.

K01043241 : Linux kernel vulnerability CVE-2017-17448

2018-03-3000:00:00
my.f5.com
50

AI Score

6.7

Confidence

High

EPSS

0

Percentile

10.1%

Security Advisory Description

net/netfilter/nfnetlink_cthelper.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for new, get, and del operations, which allows local users to bypass intended access restrictions because the nfnl_cthelper_list data structure is shared across all net namespaces. (CVE-2017-17448)

Impact

This vulnerability may allow local users to bypass intended access restrictions on the system.