CVE-2017-18017

critical
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.

References

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2638fd0f92d4397884fd991d8f4925cb3f081901

http://patchwork.ozlabs.org/patch/746618/

http://www.securityfocus.com/bid/102367

https://access.redhat.com/errata/RHSA-2018:0676

https://access.redhat.com/errata/RHSA-2018:1062

https://access.redhat.com/errata/RHSA-2018:1130

https://access.redhat.com/errata/RHSA-2018:1170

https://access.redhat.com/errata/RHSA-2018:1319

https://access.redhat.com/errata/RHSA-2018:1737

https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1739765

https://github.com/torvalds/linux/commit/2638fd0f92d4397884fd991d8f4925cb3f081901

https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0

https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html

https://lkml.org/lkml/2017/4/2/13

https://usn.ubuntu.com/3583-1/

https://usn.ubuntu.com/3583-2/

https://www.debian.org/security/2018/dsa-4187

https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.36

Details

Source: MITRE

Published: 2018-01-03

Updated: 2018-11-30

Type: CWE-416

Risk Information

CVSS v2

Base Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 10

Severity: HIGH

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 3.9

Severity: CRITICAL

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:linux:linux_kernel:4.9:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.9.1:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.9.2:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.9.3:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.9.4:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.9.5:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.9.6:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.9.7:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.9.8:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.9.9:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.9.10:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.9.11:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.9.12:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.9.13:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.9.14:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.9.15:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.9.16:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.9.17:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.9.18:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.9.19:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.9.20:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.9.21:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.9.22:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.9.23:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.9.24:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.9.25:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.9.26:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.9.27:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.9.28:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.9.29:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.9.30:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.9.31:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.9.32:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.9.33:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.9.34:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.9.35:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.10:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.10.1:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.10.2:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.10.3:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.10.4:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.10.5:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.10.6:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.10.7:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.10.8:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.10.9:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.10.10:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.10.11:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.10.12:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.10.13:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.10.14:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.10.15:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.11:rc1:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.11:rc2:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.11:rc3:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.11:rc4:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.11:rc5:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.11:rc6:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:4.11:rc7:*:*:*:*:*:*

Tenable Plugins

View all (34 total)

IDNameProductFamilySeverity
133865Arista Networks tcpmss_mangle_packet DoS (SA0034)NessusMisc.
critical
127281NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel-rt Multiple Vulnerabilities (NS-SA-2019-0074)NessusNewStart CGSL Local Security Checks
critical
127272NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2019-0070)NessusNewStart CGSL Local Security Checks
critical
124992EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1539)NessusHuawei Local Security Checks
critical
118851Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4268)NessusOracle Linux Local Security Checks
critical
117543EulerOS Virtualization 2.5.0 : kernel (EulerOS-SA-2018-1234)NessusHuawei Local Security Checks
critical
111021OracleVM 3.4 : Unbreakable / etc (OVMSA-2018-0236)NessusOracleVM Local Security Checks
critical
110997Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4161)NessusOracle Linux Local Security Checks
critical
110220RHEL 7 : kernel (RHSA-2018:1737) (Spectre)NessusRed Hat Local Security Checks
critical
109655CentOS 6 : kernel (CESA-2018:1319) (Meltdown)NessusCentOS Local Security Checks
critical
109643Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20180508) (Meltdown)NessusScientific Linux Local Security Checks
critical
109634RHEL 6 : kernel (RHSA-2018:1319) (Meltdown)NessusRed Hat Local Security Checks
critical
109629Oracle Linux 6 : kernel (ELSA-2018-1319)NessusOracle Linux Local Security Checks
critical
109531Debian DLA-1369-1 : linux security update (Spectre)NessusDebian Local Security Checks
critical
109517Debian DSA-4187-1 : linux - security update (Spectre)NessusDebian Local Security Checks
critical
109449Scientific Linux Security Update : kernel on SL7.x x86_64 (20180410) (Meltdown)NessusScientific Linux Local Security Checks
critical
109380CentOS 7 : kernel (CESA-2018:1062)NessusCentOS Local Security Checks
critical
109335RHEL 6 : MRG (RHSA-2018:1170)NessusRed Hat Local Security Checks
critical
109116RHEL 7 : kernel (RHSA-2018:1130)NessusRed Hat Local Security Checks
critical
109113Oracle Linux 7 : kernel (ELSA-2018-1062)NessusOracle Linux Local Security Checks
critical
108997RHEL 7 : kernel (RHSA-2018:1062)NessusRed Hat Local Security Checks
critical
108984RHEL 7 : kernel-rt (RHSA-2018:0676)NessusRed Hat Local Security Checks
critical
108748SUSE SLES12 Security Update : kernel (SUSE-SU-2018:0848-1)NessusSuSE Local Security Checks
critical
108705SUSE SLES12 Security Update : kernel (SUSE-SU-2018:0834-1)NessusSuSE Local Security Checks
critical
108596Virtuozzo 6 : parallels-server-bm-release / etc (VZA-2018-017)NessusVirtuozzo Local Security Checks
critical
108279SUSE SLES11 Security Update : kernel (SUSE-SU-2018:0660-1) (Spectre)NessusSuSE Local Security Checks
critical
107055SUSE SLES11 Security Update : kernel (SUSE-SU-2018:0555-1) (Meltdown) (Spectre)NessusSuSE Local Security Checks
critical
107003Ubuntu 14.04 LTS : linux vulnerabilities (USN-3583-1) (Meltdown)NessusUbuntu Local Security Checks
critical
106748SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2018:0416-1) (Spectre)NessusSuSE Local Security Checks
critical
106740openSUSE Security Update : the Linux Kernel (openSUSE-2018-153) (Spectre)NessusSuSE Local Security Checks
critical
106672SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2018:0383-1) (Spectre)NessusSuSE Local Security Checks
critical
106406EulerOS 2.0 SP1 : kernel (EulerOS-SA-2018-1031)NessusHuawei Local Security Checks
critical
106053Virtuozzo 7 : readykernel-patch (VZA-2018-005)NessusVirtuozzo Local Security Checks
critical
106052Virtuozzo 7 : readykernel-patch (VZA-2018-004)NessusVirtuozzo Local Security Checks
critical