CVE-2017-7533

high

Description

Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions.

References

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=49d31c2f389acfe83417083e1208422b4091cd9e

http://openwall.com/lists/oss-security/2017/08/03/2

http://www.debian.org/security/2017/dsa-3927

http://www.debian.org/security/2017/dsa-3945

http://www.openwall.com/lists/oss-security/2019/06/27/7

http://www.openwall.com/lists/oss-security/2019/06/28/1

http://www.openwall.com/lists/oss-security/2019/06/28/2

http://www.securityfocus.com/bid/100123

http://www.securitytracker.com/id/1039075

https://access.redhat.com/errata/RHSA-2017:2473

https://access.redhat.com/errata/RHSA-2017:2585

https://access.redhat.com/errata/RHSA-2017:2669

https://access.redhat.com/errata/RHSA-2017:2770

https://access.redhat.com/errata/RHSA-2017:2869

https://bugzilla.redhat.com/show_bug.cgi?id=1468283

https://github.com/torvalds/linux/commit/49d31c2f389acfe83417083e1208422b4091cd9e

https://patchwork.kernel.org/patch/9755753/

https://patchwork.kernel.org/patch/9755757/

https://source.android.com/security/bulletin/2017-12-01

https://www.mail-archive.com/[email protected]/msg1408967.html

Details

Source: MITRE

Published: 2017-08-05

Updated: 2018-01-05

Type: CWE-362

Risk Information

CVSS v2

Base Score: 6.9

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 3.4

Severity: MEDIUM

CVSS v3

Base Score: 7

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions up to 4.12.4 (inclusive)

Tenable Plugins

View all (61 total)

| ID | Name | Product | Family | Severity |
| --- | --- | --- | --- | --- |
| 127173 | NewStart CGSL MAIN 5.04 : kernel-rt Vulnerability (NS-SA-2019-0018) | Nessus | NewStart CGSL Local Security Checks | high |
| 124976 | EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1523) | Nessus | Huawei Local Security Checks | critical |
| 124827 | EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1504) | Nessus | Huawei Local Security Checks | critical |
| 121724 | Photon OS 1.0: Linux PHSA-2017-0029 | Nessus | PhotonOS Local Security Checks | critical |
| 111878 | Photon OS 1.0: Cassandra / Libxml2 / Linux / Ruby PHSA-2017-0029 (deprecated) | Nessus | PhotonOS Local Security Checks | high |
| 106469 | OracleVM 3.4 : Unbreakable / etc (OVMSA-2018-0015) (BlueBorne) (Meltdown) (Spectre) (Stack Clash) | Nessus | OracleVM Local Security Checks | critical |
| 105248 | OracleVM 3.4 : Unbreakable / etc (OVMSA-2017-0174) (BlueBorne) (Dirty COW) (Stack Clash) | Nessus | OracleVM Local Security Checks | high |
| 105247 | Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3659) (BlueBorne) (Dirty COW) (Stack Clash) | Nessus | Oracle Linux Local Security Checks | high |
| 103766 | RHEL 7 : kernel (RHSA-2017:2869) | Nessus | Red Hat Local Security Checks | high |
| 103354 | SUSE SLES11 Security Update : kernel (SUSE-SU-2017:2525-1) (Stack Clash) | Nessus | SuSE Local Security Checks | critical |
| 103351 | RHEL 7 : kernel (RHSA-2017:2770) | Nessus | Red Hat Local Security Checks | high |
| 103110 | SUSE SLES11 Security Update : kernel (SUSE-SU-2017:2389-1) (Stack Clash) | Nessus | SuSE Local Security Checks | high |
| 103046 | RHEL 6 : MRG (RHSA-2017:2669) | Nessus | Red Hat Local Security Checks | high |
| 102998 | EulerOS 2.0 SP2 : kernel (EulerOS-SA-2017-1160) | Nessus | Huawei Local Security Checks | high |
| 102971 | RHEL 7 : kernel-rt (RHSA-2017:2585) | Nessus | Red Hat Local Security Checks | high |
| 102838 | SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2017:2286-1) | Nessus | SuSE Local Security Checks | high |
| 102774 | OracleVM 3.4 : Unbreakable / etc (OVMSA-2017-0145) (Stack Clash) | Nessus | OracleVM Local Security Checks | critical |
| 102773 | Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3609) (Stack Clash) | Nessus | Oracle Linux Local Security Checks | critical |
| 102766 | CentOS 7 : kernel (CESA-2017:2473) | Nessus | CentOS Local Security Checks | high |
| 102718 | Fedora 25 : kernel (2017-73f71456d7) | Nessus | Fedora Local Security Checks | high |
| 102669 | Scientific Linux Security Update : kernel on SL7.x x86_64 (20170815) | Nessus | Scientific Linux Local Security Checks | high |
| 102573 | OracleVM 3.4 : Unbreakable / etc (OVMSA-2017-0143) | Nessus | OracleVM Local Security Checks | high |
| 102572 | Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3605) | Nessus | Oracle Linux Local Security Checks | high |
| 102550 | Debian DSA-3945-1 : linux - security update (Stack Clash) | Nessus | Debian Local Security Checks | high |
| 102544 | Amazon Linux AMI : kernel (ALAS-2017-870) | Nessus | Amazon Linux Local Security Checks | high |
| 102533 | Oracle Linux 7 : kernel (ELSA-2017-2473-1) | Nessus | Oracle Linux Local Security Checks | medium |
| 102525 | Ubuntu 14.04 LTS : linux-lts-xenial regression (USN-3392-2) (Stack Clash) | Nessus | Ubuntu Local Security Checks | high |
| 102524 | Ubuntu 16.04 LTS : linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon regression (USN-3392-1) (Stack Clash) | Nessus | Ubuntu Local Security Checks | high |
| 102518 | RHEL 7 : kernel (RHSA-2017:2473) | Nessus | Red Hat Local Security Checks | high |
| 102513 | Oracle Linux 7 : kernel (ELSA-2017-2473) | Nessus | Oracle Linux Local Security Checks | high |
| 102488 | Fedora 26 : kernel (2017-adc7d95627) | Nessus | Fedora Local Security Checks | high |
| 102436 | Virtuozzo 7 : readykernel-patch (VZA-2017-070) | Nessus | Virtuozzo Local Security Checks | high |
| 102333 | openSUSE Security Update : the Linux Kernel (openSUSE-2017-891) | Nessus | SuSE Local Security Checks | high |
| 102332 | openSUSE Security Update : the Linux Kernel (openSUSE-2017-890) | Nessus | SuSE Local Security Checks | high |
| 102320 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2103-1) | Nessus | SuSE Local Security Checks | high |
| 102319 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2102-1) | Nessus | SuSE Local Security Checks | high |
| 102318 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2100-1) | Nessus | SuSE Local Security Checks | high |
| 102317 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2099-1) | Nessus | SuSE Local Security Checks | high |
| 102316 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2098-1) | Nessus | SuSE Local Security Checks | high |
| 102315 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2096-1) | Nessus | SuSE Local Security Checks | high |
| 102314 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2095-1) | Nessus | SuSE Local Security Checks | high |
| 102313 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2094-1) | Nessus | SuSE Local Security Checks | high |
| 102312 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2093-1) | Nessus | SuSE Local Security Checks | high |
| 102311 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2092-1) | Nessus | SuSE Local Security Checks | high |
| 102310 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2091-1) | Nessus | SuSE Local Security Checks | high |
| 102309 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2090-1) | Nessus | SuSE Local Security Checks | high |
| 102308 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2089-1) | Nessus | SuSE Local Security Checks | high |
| 102307 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2088-1) | Nessus | SuSE Local Security Checks | high |
| 102255 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2074-1) | Nessus | SuSE Local Security Checks | high |
| 102254 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2073-1) | Nessus | SuSE Local Security Checks | high |
| 102253 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2072-1) | Nessus | SuSE Local Security Checks | high |
| 102252 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2061-1) | Nessus | SuSE Local Security Checks | high |
| 102251 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2060-1) | Nessus | SuSE Local Security Checks | high |
| 102219 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2049-1) | Nessus | SuSE Local Security Checks | high |
| 102218 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2042-1) | Nessus | SuSE Local Security Checks | high |
| 102211 | Debian DSA-3927-1 : linux - security update (Stack Clash) | Nessus | Debian Local Security Checks | high |
| 102198 | Ubuntu 14.04 LTS : linux-lts-xenial vulnerabilities (USN-3378-2) (Stack Clash) | Nessus | Ubuntu Local Security Checks | high |
| 102197 | Ubuntu 16.04 LTS : linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon vulnerabilities (USN-3378-1) (Stack Clash) | Nessus | Ubuntu Local Security Checks | high |
| 102196 | Ubuntu 16.04 LTS : linux-hwe vulnerabilities (USN-3377-2) (Stack Clash) | Nessus | Ubuntu Local Security Checks | high |
| 102195 | Ubuntu 17.04 : linux, linux-raspi2 vulnerabilities (USN-3377-1) (Stack Clash) | Nessus | Ubuntu Local Security Checks | high |
| 102194 | SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2017:2041-1) | Nessus | SuSE Local Security Checks | high |