CVE-2017-6346

MEDIUM

Description

Race condition in net/packet/af_packet.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithreaded application that makes PACKET_FANOUT setsockopt system calls.

References

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d199fab63c11998a602205f7ee7ff7c05c97164b

http://www.debian.org/security/2017/dsa-3804

http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.13

http://www.openwall.com/lists/oss-security/2017/02/28/6

http://www.securityfocus.com/bid/96508

https://github.com/torvalds/linux/commit/d199fab63c11998a602205f7ee7ff7c05c97164b

https://source.android.com/security/bulletin/2017-09-01

Details

Source: MITRE

Published: 2017-03-01

Updated: 2017-11-04

Type: CWE-416

Risk Information

CVSS v2.0

Base Score: 6.9

Vector: (AV:L/AC:M/Au:N/C:C/I:C/A:C)

Impact Score: 10

Exploitability Score: 3.4

Severity: MEDIUM

CVSS v3.0

Base Score: 7

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1

Severity: HIGH

Tenable Plugins

View all (47 total)

ID	Name	Product	Family	Severity
124977	EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1524)	Nessus	Huawei Local Security Checks	high
111857	Photon OS 1.0: Linux PHSA-2017-0008 (deprecated)	Nessus	PhotonOS Local Security Checks	critical
108511	SUSE SLES12 Security Update : kernel (SUSE-SU-2018:0664-1)	Nessus	SuSE Local Security Checks	medium
107106	F5 Networks BIG-IP : Linux kernel vulnerability (K11023978)	Nessus	F5 Networks Local Security Checks	medium
107085	SUSE SLES12 Security Update : kernel (SUSE-SU-2018:0562-1)	Nessus	SuSE Local Security Checks	medium
105284	SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3315-1)	Nessus	SuSE Local Security Checks	medium
104965	SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3160-1) (KRACK)	Nessus	SuSE Local Security Checks	medium
104964	SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3158-1) (KRACK)	Nessus	SuSE Local Security Checks	medium
104963	SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3157-1) (KRACK)	Nessus	SuSE Local Security Checks	medium
104961	SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3154-1) (KRACK)	Nessus	SuSE Local Security Checks	medium
104960	SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3153-1) (KRACK)	Nessus	SuSE Local Security Checks	medium
104959	SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3152-1) (KRACK)	Nessus	SuSE Local Security Checks	medium
104958	SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3151-1) (KRACK)	Nessus	SuSE Local Security Checks	medium
104957	SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3150-1) (KRACK)	Nessus	SuSE Local Security Checks	medium
104956	SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3149-1) (KRACK)	Nessus	SuSE Local Security Checks	medium
104955	SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3148-1) (KRACK)	Nessus	SuSE Local Security Checks	medium
104954	SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3147-1) (KRACK)	Nessus	SuSE Local Security Checks	medium
104953	SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3146-1) (KRACK)	Nessus	SuSE Local Security Checks	medium
104952	SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3145-1) (KRACK)	Nessus	SuSE Local Security Checks	medium
104880	SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3132-1) (KRACK)	Nessus	SuSE Local Security Checks	medium
104879	SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3131-1) (KRACK)	Nessus	SuSE Local Security Checks	medium
104878	SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3130-1) (KRACK)	Nessus	SuSE Local Security Checks	medium
104877	SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3127-1) (KRACK)	Nessus	SuSE Local Security Checks	medium
104876	SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3125-1) (KRACK)	Nessus	SuSE Local Security Checks	medium
104875	SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3124-1) (KRACK)	Nessus	SuSE Local Security Checks	medium
104874	SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3123-1) (KRACK)	Nessus	SuSE Local Security Checks	medium
104873	SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3119-1) (KRACK)	Nessus	SuSE Local Security Checks	medium
104872	SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3118-1) (KRACK)	Nessus	SuSE Local Security Checks	medium
104871	SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3117-1) (KRACK)	Nessus	SuSE Local Security Checks	medium
104805	SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3103-1) (KRACK)	Nessus	SuSE Local Security Checks	medium
104374	SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2920-1) (KRACK) (Stack Clash)	Nessus	SuSE Local Security Checks	critical
104271	SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2908-1) (KRACK) (Stack Clash)	Nessus	SuSE Local Security Checks	critical
104253	SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2017:2869-1) (KRACK)	Nessus	SuSE Local Security Checks	high
104246	openSUSE Security Update : the Linux Kernel (openSUSE-2017-1224) (KRACK)	Nessus	SuSE Local Security Checks	medium
104171	SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2017:2847-1) (KRACK)	Nessus	SuSE Local Security Checks	high
104166	openSUSE Security Update : the Linux Kernel (openSUSE-2017-1194) (KRACK)	Nessus	SuSE Local Security Checks	medium
103326	Ubuntu 14.04 LTS : linux vulnerabilities (USN-3422-1) (BlueBorne)	Nessus	Ubuntu Local Security Checks	high
101929	Ubuntu 16.04 LTS : linux-hwe vulnerabilities (USN-3361-1)	Nessus	Ubuntu Local Security Checks	critical
100320	SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2017:1360-1)	Nessus	SuSE Local Security Checks	critical
100150	SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1247-1)	Nessus	SuSE Local Security Checks	critical
100023	SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2017:1183-1)	Nessus	SuSE Local Security Checks	high
99658	Ubuntu 14.04 LTS : linux-lts-xenial vulnerabilities (USN-3265-2)	Nessus	Ubuntu Local Security Checks	high
99657	Ubuntu 16.04 LTS : linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon vulnerabilities (USN-3265-1)	Nessus	Ubuntu Local Security Checks	high
99157	openSUSE Security Update : the Linux Kernel (openSUSE-2017-419)	Nessus	SuSE Local Security Checks	high
99156	openSUSE Security Update : the Linux Kernel (openSUSE-2017-418)	Nessus	SuSE Local Security Checks	high
97640	Debian DLA-849-1 : linux security update	Nessus	Debian Local Security Checks	high
97615	Debian DSA-3804-1 : linux - security update	Nessus	Debian Local Security Checks	high