CVE-2017-17807

LOW

Description

The KEYS subsystem in the Linux kernel before 4.14.6 omitted an access-control check when adding a key to the current task's "default request-key keyring" via the request_key() system call, allowing a local user to use a sequence of crafted system calls to add keys to a keyring with only Search permission (not Write permission) to that keyring, related to construct_get_dest_keyring() in security/keys/request_key.c.

References

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4dca6ea1d9432052afb06baf2e3ae78188a4410b

http://www.securityfocus.com/bid/102301

https://github.com/torvalds/linux/commit/4dca6ea1d9432052afb06baf2e3ae78188a4410b

https://lists.debian.org/debian-lts-announce/2018/01/msg00004.html

https://usn.ubuntu.com/3617-1/

https://usn.ubuntu.com/3617-2/

https://usn.ubuntu.com/3617-3/

https://usn.ubuntu.com/3619-1/

https://usn.ubuntu.com/3619-2/

https://usn.ubuntu.com/3620-1/

https://usn.ubuntu.com/3620-2/

https://usn.ubuntu.com/3632-1/

https://www.debian.org/security/2017/dsa-4073

https://www.debian.org/security/2018/dsa-4082

https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.6

Details

Source: MITRE

Published: 2017-12-20

Updated: 2019-10-03

Type: CWE-862

Risk Information

CVSS v2

Base Score: 2.1

Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 3.9

Severity: LOW

CVSS v3

Base Score: 3.3

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Impact Score: 1.4

Exploitability Score: 1.8

Severity: LOW

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Tenable Plugins

| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 143971 | NewStart CGSL CORE 5.05 / MAIN 5.05 : kernel Multiple Vulnerabilities (NS-SA-2020-0108) | Nessus | NewStart CGSL Local Security Checks | critical |
| 141405 | NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel-rt Multiple Vulnerabilities (NS-SA-2020-0043) | Nessus | NewStart CGSL Local Security Checks | high |
| 141400 | NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2020-0041) | Nessus | NewStart CGSL Local Security Checks | high |
| 135813 | Scientific Linux Security Update : kernel on SL7.x x86_64 (20200407) | Nessus | Scientific Linux Local Security Checks | high |
| 135316 | CentOS 7 : kernel (CESA-2020:1016) | Nessus | CentOS Local Security Checks | high |
| 135080 | RHEL 7 : kernel (RHSA-2020:1016) | Nessus | Red Hat Local Security Checks | high |
| 135078 | RHEL 7 : kernel-rt (RHSA-2020:1070) | Nessus | Red Hat Local Security Checks | high |
| 124987 | EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1534) | Nessus | Huawei Local Security Checks | high |
| 124824 | EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1501) | Nessus | Huawei Local Security Checks | high |
| 122837 | OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0009) | Nessus | OracleVM Local Security Checks | high |
| 122804 | Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4576) | Nessus | Oracle Linux Local Security Checks | high |
| 122803 | Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4575) | Nessus | Oracle Linux Local Security Checks | high |
| 117541 | EulerOS Virtualization 2.5.0 : kernel (EulerOS-SA-2018-1232) | Nessus | Huawei Local Security Checks | high |
| 110311 | Virtuozzo 7 : readykernel-patch (VZA-2018-038) | Nessus | Virtuozzo Local Security Checks | medium |
| 109801 | Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2018-029) | Nessus | Virtuozzo Local Security Checks | high |
| 109623 | Virtuozzo 7 : readykernel-patch (VZA-2018-026) | Nessus | Virtuozzo Local Security Checks | high |
| 109622 | Virtuozzo 7 : readykernel-patch (VZA-2018-025) | Nessus | Virtuozzo Local Security Checks | high |
| 109621 | Virtuozzo 7 : readykernel-patch (VZA-2018-024) | Nessus | Virtuozzo Local Security Checks | high |
| 109316 | Ubuntu 16.04 LTS : Linux kernel (Azure) vulnerabilities (USN-3632-1) | Nessus | Ubuntu Local Security Checks | high |
| 108878 | Ubuntu 14.04 LTS : linux-lts-xenial, linux-aws vulnerabilities (USN-3619-2) | Nessus | Ubuntu Local Security Checks | high |
| 108843 | Ubuntu 14.04 LTS : linux vulnerabilities (USN-3620-1) | Nessus | Ubuntu Local Security Checks | critical |
| 108842 | Ubuntu 16.04 LTS : linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities (USN-3619-1) | Nessus | Ubuntu Local Security Checks | high |
| 108840 | Ubuntu 17.10 : linux-raspi2 vulnerabilities (USN-3617-3) | Nessus | Ubuntu Local Security Checks | high |
| 108835 | Ubuntu 16.04 LTS : linux-hwe, linux-gcp, linux-oem vulnerabilities (USN-3617-2) | Nessus | Ubuntu Local Security Checks | high |
| 108834 | Ubuntu 17.10 : linux vulnerabilities (USN-3617-1) | Nessus | Ubuntu Local Security Checks | high |
| 106406 | EulerOS 2.0 SP1 : kernel (EulerOS-SA-2018-1031) | Nessus | Huawei Local Security Checks | critical |
| 106167 | EulerOS 2.0 SP2 : kernel (EulerOS-SA-2018-1026) | Nessus | Huawei Local Security Checks | high |
| 105704 | Debian DSA-4082-1 : linux - security update (Meltdown) | Nessus | Debian Local Security Checks | high |
| 105622 | Debian DLA-1232-1 : linux security update (Meltdown) | Nessus | Debian Local Security Checks | high |
| 105433 | Debian DSA-4073-1 : linux - security update | Nessus | Debian Local Security Checks | high |