ByteOS Network

CVE Vulnerability Details :

CVE-2017-7184

PUBLISHED

More Info Official Page

Assigner-mitre

Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At-19 Mar, 2017 | 18:00

Updated At-05 Aug, 2024 | 15:56

▼CVE Numbering Authority (CNA)

The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52.

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

Type: text

CWE ID: N/A

Description: n/a

References

Hyperlink	Resource
https://blog.trendmicro.com/results-pwn2own-2017-day-one/	x_refsource_MISC
https://access.redhat.com/errata/RHSA-2017:2918	vendor-advisory x_refsource_REDHAT
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=677e806da4d916052585301785d847c3b3e6186a	x_refsource_CONFIRM
https://access.redhat.com/errata/RHSA-2017:2931	vendor-advisory x_refsource_REDHAT
http://www.securityfocus.com/bid/97018	vdb-entry x_refsource_BID
https://source.android.com/security/bulletin/2017-05-01	x_refsource_CONFIRM
http://www.securitytracker.com/id/1038166	vdb-entry x_refsource_SECTRACK
https://github.com/torvalds/linux/commit/f843ee6dd019bcece3e74e76ad9df0155655d0df	x_refsource_CONFIRM
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f843ee6dd019bcece3e74e76ad9df0155655d0df	x_refsource_CONFIRM
http://www.eweek.com/security/ubuntu-linux-falls-on-day-1-of-pwn2own-hacking-competition	x_refsource_MISC
https://github.com/torvalds/linux/commit/677e806da4d916052585301785d847c3b3e6186a	x_refsource_CONFIRM
https://twitter.com/thezdi/status/842126074435665920	x_refsource_MISC
http://openwall.com/lists/oss-security/2017/03/29/2	x_refsource_CONFIRM
https://access.redhat.com/errata/RHSA-2017:2930	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:4159	vendor-advisory x_refsource_REDHAT

Hyperlink: https://blog.trendmicro.com/results-pwn2own-2017-day-one/

Resource:

x_refsource_MISC

Hyperlink: https://access.redhat.com/errata/RHSA-2017:2918

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=677e806da4d916052585301785d847c3b3e6186a

Resource:

x_refsource_CONFIRM

Hyperlink: https://access.redhat.com/errata/RHSA-2017:2931

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: http://www.securityfocus.com/bid/97018

Resource:

vdb-entry

x_refsource_BID

Hyperlink: https://source.android.com/security/bulletin/2017-05-01

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.securitytracker.com/id/1038166

Resource:

vdb-entry

x_refsource_SECTRACK

Hyperlink: https://github.com/torvalds/linux/commit/f843ee6dd019bcece3e74e76ad9df0155655d0df

Resource:

x_refsource_CONFIRM

Hyperlink: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f843ee6dd019bcece3e74e76ad9df0155655d0df

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.eweek.com/security/ubuntu-linux-falls-on-day-1-of-pwn2own-hacking-competition

Resource:

x_refsource_MISC

Hyperlink: https://github.com/torvalds/linux/commit/677e806da4d916052585301785d847c3b3e6186a

Resource:

x_refsource_CONFIRM

Hyperlink: https://twitter.com/thezdi/status/842126074435665920

Resource:

x_refsource_MISC

Hyperlink: http://openwall.com/lists/oss-security/2017/03/29/2

Resource:

x_refsource_CONFIRM

Hyperlink: https://access.redhat.com/errata/RHSA-2017:2930

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: https://access.redhat.com/errata/RHSA-2019:4159

Resource:

vendor-advisory

x_refsource_REDHAT

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
https://blog.trendmicro.com/results-pwn2own-2017-day-one/	x_refsource_MISC x_transferred
https://access.redhat.com/errata/RHSA-2017:2918	vendor-advisory x_refsource_REDHAT x_transferred
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=677e806da4d916052585301785d847c3b3e6186a	x_refsource_CONFIRM x_transferred
https://access.redhat.com/errata/RHSA-2017:2931	vendor-advisory x_refsource_REDHAT x_transferred
http://www.securityfocus.com/bid/97018	vdb-entry x_refsource_BID x_transferred
https://source.android.com/security/bulletin/2017-05-01	x_refsource_CONFIRM x_transferred
http://www.securitytracker.com/id/1038166	vdb-entry x_refsource_SECTRACK x_transferred
https://github.com/torvalds/linux/commit/f843ee6dd019bcece3e74e76ad9df0155655d0df	x_refsource_CONFIRM x_transferred
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f843ee6dd019bcece3e74e76ad9df0155655d0df	x_refsource_CONFIRM x_transferred
http://www.eweek.com/security/ubuntu-linux-falls-on-day-1-of-pwn2own-hacking-competition	x_refsource_MISC x_transferred
https://github.com/torvalds/linux/commit/677e806da4d916052585301785d847c3b3e6186a	x_refsource_CONFIRM x_transferred
https://twitter.com/thezdi/status/842126074435665920	x_refsource_MISC x_transferred
http://openwall.com/lists/oss-security/2017/03/29/2	x_refsource_CONFIRM x_transferred
https://access.redhat.com/errata/RHSA-2017:2930	vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/errata/RHSA-2019:4159	vendor-advisory x_refsource_REDHAT x_transferred