CVE-2017-10661HIGH
Description
Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing.
References
http://www.debian.org/security/2017/dsa-3981
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.15
http://www.securityfocus.com/bid/100215
https://access.redhat.com/errata/RHSA-2018:3083
https://access.redhat.com/errata/RHSA-2018:3096
https://bugzilla.redhat.com/show_bug.cgi?id=1481136
https://github.com/torvalds/linux/commit/1e38da300e1e395a15048b0af1e5305bd91402f6
Details
Source: MITRE
Published: 2017-08-19
Updated: 2018-10-31
Type: CWE-416
Risk Information
CVSS v2.0
Base Score: 7.6
Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
Impact Score: 10
Exploitability Score: 4.9
Severity: HIGH
CVSS v3.0
Base Score: 7
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 1
Severity: HIGH
Vulnerable Software
Configuration 1
OR
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions up to 4.10.14 (inclusive)
Tenable Plugins
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 132700 | RHEL 7 : kernel (RHSA-2020:0036) | Nessus | Red Hat Local Security Checks | critical |
| 131719 | RHEL 6 : MRG (RHSA-2019:4057) | Nessus | Red Hat Local Security Checks | high |
| 131675 | RHEL 7 : kernel (RHSA-2019:4058) | Nessus | Red Hat Local Security Checks | high |
| 127281 | NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel-rt Multiple Vulnerabilities (NS-SA-2019-0074) | Nessus | NewStart CGSL Local Security Checks | critical |
| 127272 | NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2019-0070) | Nessus | NewStart CGSL Local Security Checks | critical |
| 124989 | EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1536) | Nessus | Huawei Local Security Checks | high |
| 124821 | EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1498) | Nessus | Huawei Local Security Checks | high |
| 119187 | Scientific Linux Security Update : kernel on SL7.x x86_64 (20181030) | Nessus | Scientific Linux Local Security Checks | high |
| 118990 | CentOS 7 : kernel (CESA-2018:3083) | Nessus | CentOS Local Security Checks | high |
| 118770 | Oracle Linux 7 : kernel (ELSA-2018-3083) | Nessus | Oracle Linux Local Security Checks | high |
| 118528 | RHEL 7 : kernel-rt (RHSA-2018:3096) | Nessus | Red Hat Local Security Checks | high |
| 118525 | RHEL 7 : kernel (RHSA-2018:3083) | Nessus | Red Hat Local Security Checks | high |
| 109158 | OracleVM 3.4 : Unbreakable / etc (OVMSA-2018-0035) (Dirty COW) (Meltdown) (Spectre) | Nessus | OracleVM Local Security Checks | high |
| 109156 | Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4071) (Dirty COW) (Meltdown) (Spectre) | Nessus | Oracle Linux Local Security Checks | high |
| 105352 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3340-1) | Nessus | SuSE Local Security Checks | high |
| 105350 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3337-1) | Nessus | SuSE Local Security Checks | high |
| 105349 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3336-1) | Nessus | SuSE Local Security Checks | high |
| 105348 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3332-1) | Nessus | SuSE Local Security Checks | high |
| 105290 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3323-1) | Nessus | SuSE Local Security Checks | high |
| 105289 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3322-1) | Nessus | SuSE Local Security Checks | high |
| 105288 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3321-1) | Nessus | SuSE Local Security Checks | high |
| 105287 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3320-1) | Nessus | SuSE Local Security Checks | high |
| 105286 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3318-1) | Nessus | SuSE Local Security Checks | high |
| 105285 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3316-1) | Nessus | SuSE Local Security Checks | high |
| 105283 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3313-1) | Nessus | SuSE Local Security Checks | high |
| 105282 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3312-1) | Nessus | SuSE Local Security Checks | high |
| 105281 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3309-1) | Nessus | SuSE Local Security Checks | high |
| 105280 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3308-1) | Nessus | SuSE Local Security Checks | high |
| 105278 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3305-1) | Nessus | SuSE Local Security Checks | high |
| 105277 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3304-1) | Nessus | SuSE Local Security Checks | high |
| 105276 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3303-1) | Nessus | SuSE Local Security Checks | high |
| 105275 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3302-1) | Nessus | SuSE Local Security Checks | high |
| 105274 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3301-1) | Nessus | SuSE Local Security Checks | high |
| 105273 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3299-1) | Nessus | SuSE Local Security Checks | high |
| 105272 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3293-1) | Nessus | SuSE Local Security Checks | high |
| 105271 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3289-1) | Nessus | SuSE Local Security Checks | high |
| 105270 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3287-1) | Nessus | SuSE Local Security Checks | high |
| 105248 | OracleVM 3.4 : Unbreakable / etc (OVMSA-2017-0174) (BlueBorne) (Dirty COW) (Stack Clash) | Nessus | OracleVM Local Security Checks | high |
| 105247 | Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3659) (BlueBorne) (Dirty COW) (Stack Clash) | Nessus | Oracle Linux Local Security Checks | high |
| 105172 | SUSE SLES11 Security Update : kernel (SUSE-SU-2017:3265-1) (KRACK) | Nessus | SuSE Local Security Checks | critical |
| 105147 | OracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0173) (BlueBorne) (Stack Clash) | Nessus | OracleVM Local Security Checks | high |
| 105145 | Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2017-3658) (BlueBorne) (Stack Clash) | Nessus | Oracle Linux Local Security Checks | high |
| 105144 | Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3657) (BlueBorne) (Stack Clash) | Nessus | Oracle Linux Local Security Checks | high |
| 104578 | EulerOS 2.0 SP1 : kernel (EulerOS-SA-2017-1245) | Nessus | Huawei Local Security Checks | high |
| 104454 | OracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0168) | Nessus | OracleVM Local Security Checks | high |
| 104453 | OracleVM 3.4 : Unbreakable / etc (OVMSA-2017-0167) | Nessus | OracleVM Local Security Checks | high |
| 104374 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2920-1) (KRACK) (Stack Clash) | Nessus | SuSE Local Security Checks | critical |
| 104371 | Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2017-3637) | Nessus | Oracle Linux Local Security Checks | high |
| 104370 | Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3636) | Nessus | Oracle Linux Local Security Checks | high |
| 104369 | Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3635) | Nessus | Oracle Linux Local Security Checks | high |
| 104322 | Ubuntu 14.04 LTS : linux vulnerabilities (USN-3470-1) | Nessus | Ubuntu Local Security Checks | high |
| 104271 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2908-1) (KRACK) (Stack Clash) | Nessus | SuSE Local Security Checks | critical |
| 103365 | Debian DSA-3981-1 : linux - security update (BlueBorne) (Stack Clash) | Nessus | Debian Local Security Checks | high |
| 103363 | Debian DLA-1099-1 : linux security update (BlueBorne) (Stack Clash) | Nessus | Debian Local Security Checks | high |
| 103354 | SUSE SLES11 Security Update : kernel (SUSE-SU-2017:2525-1) (Stack Clash) | Nessus | SuSE Local Security Checks | critical |
| 102922 | Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2017-076) | Nessus | Virtuozzo Local Security Checks | high |