CVE-2017-18595

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c.

References

http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html

http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html

https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.11

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4397f04575c44e1440ec2e49b6302785c95fd2f8

Details

Source: MITRE

Published: 2019-09-04

Updated: 2019-10-11

Type: CWE-415

Risk Information

CVSS v2

Base Score: 7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 3.9

Severity: HIGH

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1.8

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Tenable Plugins

View all (30 total)

IDNameProductFamilySeverity
137363RHEL 7 : kernel (RHSA-2020:2522)NessusRed Hat Local Security Checks
high
137062RHEL 7 : kernel (RHSA-2020:2277)NessusRed Hat Local Security Checks
high
137061RHEL 7 : kernel (RHSA-2020:2285)NessusRed Hat Local Security Checks
high
137060RHEL 7 : kernel (RHSA-2020:2289)NessusRed Hat Local Security Checks
high
136737RHEL 6 : kernel-rt (RHSA-2020:2242)NessusRed Hat Local Security Checks
high
136714RHEL 7 : kernel (RHSA-2020:2214)NessusRed Hat Local Security Checks
high
136690Scientific Linux Security Update : kernel on SL7.x x86_64 (20200512)NessusScientific Linux Local Security Checks
high
136645Oracle Linux 7 : kernel (ELSA-2020-2082)NessusOracle Linux Local Security Checks
high
136525RHEL 7 : kernel-rt (RHSA-2020:2085)NessusRed Hat Local Security Checks
high
136518RHEL 7 : kernel (RHSA-2020:2082)NessusRed Hat Local Security Checks
high
136496RHEL 7 : kernel-alt (RHSA-2020:2104)NessusRed Hat Local Security Checks
high
135614EulerOS Virtualization 3.0.2.2 : kernel (EulerOS-SA-2020-1452)NessusHuawei Local Security Checks
high
132925SUSE SLES12 Security Update : kernel (SUSE-SU-2020:0093-1)NessusSuSE Local Security Checks
critical
132762Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2020-5508)NessusOracle Linux Local Security Checks
high
132499NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel-rt Multiple Vulnerabilities (NS-SA-2019-0266)NessusNewStart CGSL Local Security Checks
high
132490NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2019-0264)NessusNewStart CGSL Local Security Checks
high
132134EulerOS 2.0 SP3 : kernel (EulerOS-SA-2019-2599)NessusHuawei Local Security Checks
high
132071SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:3295-1)NessusSuSE Local Security Checks
high
131845EulerOS 2.0 SP2 : kernel (EulerOS-SA-2019-2353)NessusHuawei Local Security Checks
critical
131833SUSE SLES12 Security Update : kernel (SUSE-SU-2019:3200-1)NessusSuSE Local Security Checks
high
131120SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2984-1)NessusSuSE Local Security Checks
critical
130950SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2950-1) (SACK Panic)NessusSuSE Local Security Checks
critical
130949SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2949-1)NessusSuSE Local Security Checks
critical
130452SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2019:2879-1)NessusSuSE Local Security Checks
high
130089SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:2710-1)NessusSuSE Local Security Checks
high
130050SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:2706-1)NessusSuSE Local Security Checks
high
129845SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2648-1)NessusSuSE Local Security Checks
critical
129807openSUSE Security Update : the Linux Kernel (openSUSE-2019-2308)NessusSuSE Local Security Checks
high
129806openSUSE Security Update : the Linux Kernel (openSUSE-2019-2307)NessusSuSE Local Security Checks
high
129129EulerOS 2.0 SP5 : kernel (EulerOS-SA-2019-1972)NessusHuawei Local Security Checks
high