CVE-2017-7889

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application that opens the /dev/mem file, related to arch/x86/mm/init.c and drivers/char/mem.c.

References

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a4866aa812518ed1a37d8ea0c881dc946409de94

http://www.debian.org/security/2017/dsa-3945

http://www.openwall.com/lists/oss-security/2017/04/16/4

http://www.securityfocus.com/bid/97690

https://access.redhat.com/errata/RHSA-2017:1842

https://access.redhat.com/errata/RHSA-2017:2077

https://access.redhat.com/errata/RHSA-2017:2669

https://access.redhat.com/errata/RHSA-2018:1854

https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=b8f254aa17f720053054c4ecff3920973a83b9d6

https://github.com/torvalds/linux/commit/a4866aa812518ed1a37d8ea0c881dc946409de94

https://usn.ubuntu.com/3583-1/

https://usn.ubuntu.com/3583-2/

Details

Source: MITRE

Published: 2017-04-17

Updated: 2021-01-05

Type: CWE-732

Risk Information

CVSS v2

Base Score: 7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 3.9

Severity: HIGH

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1.8

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions up to 4.10.10 (inclusive)

Tenable Plugins

View all (36 total)

IDNameProductFamilySeverity
127425NewStart CGSL MAIN 4.05 : kernel Multiple Vulnerabilities (NS-SA-2019-0152)NessusNewStart CGSL Local Security Checks
high
124977EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1524)NessusHuawei Local Security Checks
high
122414EulerOS 2.0 SP2 : kernel (EulerOS-SA-2019-1062)NessusHuawei Local Security Checks
high
121692Photon OS 1.0: Linux PHSA-2017-0016NessusPhotonOS Local Security Checks
high
121689Photon OS 1.0: Linux PHSA-2017-0015NessusPhotonOS Local Security Checks
critical
118699F5 Networks BIG-IP : Linux kernel vulnerability (K80440915)NessusF5 Networks Local Security Checks
high
111865Photon OS 1.0: Gnutls / Linux / Openjdk / Openjre PHSA-2017-0016 (deprecated)NessusPhotonOS Local Security Checks
high
111864Photon OS 1.0: Freetype2 / Gnutls / Linux / Tar PHSA-2017-0015 (deprecated)NessusPhotonOS Local Security Checks
critical
110887Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20180619) (Spectre)NessusScientific Linux Local Security Checks
high
110701Oracle Linux 6 : kernel (ELSA-2018-1854)NessusOracle Linux Local Security Checks
high
110694Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2018-041)NessusVirtuozzo Local Security Checks
high
110645CentOS 6 : kernel (CESA-2018:1854) (Spectre)NessusCentOS Local Security Checks
critical
110600RHEL 6 : kernel (RHSA-2018:1854) (Spectre)NessusRed Hat Local Security Checks
high
107003Ubuntu 14.04 LTS : linux vulnerabilities (USN-3583-1) (Meltdown)NessusUbuntu Local Security Checks
critical
105248OracleVM 3.4 : Unbreakable / etc (OVMSA-2017-0174) (BlueBorne) (Dirty COW) (Stack Clash)NessusOracleVM Local Security Checks
high
105247Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3659)NessusOracle Linux Local Security Checks
high
105147OracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0173) (BlueBorne) (Stack Clash)NessusOracleVM Local Security Checks
high
105145Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2017-3658)NessusOracle Linux Local Security Checks
high
105144Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3657)NessusOracle Linux Local Security Checks
high
104374SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2920-1) (KRACK) (Stack Clash)NessusSuSE Local Security Checks
critical
104271SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2908-1) (KRACK) (Stack Clash)NessusSuSE Local Security Checks
critical
103363Debian DLA-1099-1 : linux security update (BlueBorne) (Stack Clash)NessusDebian Local Security Checks
high
103046RHEL 6 : MRG (RHSA-2017:2669)NessusRed Hat Local Security Checks
high
102734CentOS 7 : kernel (CESA-2017:1842) (Stack Clash)NessusCentOS Local Security Checks
high
102645Scientific Linux Security Update : kernel on SL7.x x86_64 (20170801)NessusScientific Linux Local Security Checks
high
102550Debian DSA-3945-1 : linux - security update (Stack Clash)NessusDebian Local Security Checks
high
102511Oracle Linux 7 : kernel (ELSA-2017-1842-1) (Stack Clash)NessusOracle Linux Local Security Checks
critical
102281Oracle Linux 7 : kernel (ELSA-2017-1842)NessusOracle Linux Local Security Checks
high
102151RHEL 7 : kernel-rt (RHSA-2017:2077)NessusRed Hat Local Security Checks
high
102143RHEL 7 : kernel (RHSA-2017:1842) (Stack Clash)NessusRed Hat Local Security Checks
high
101929Ubuntu 16.04 LTS : linux-hwe vulnerabilities (USN-3361-1)NessusUbuntu Local Security Checks
critical
100668Ubuntu 17.04 : linux, linux-raspi2 vulnerabilities (USN-3314-1)NessusUbuntu Local Security Checks
critical
100665Ubuntu 14.04 LTS : linux-lts-xenial vulnerabilities (USN-3312-2)NessusUbuntu Local Security Checks
critical
100664Ubuntu 16.04 LTS : linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon vulnerabilities (USN-3312-1)NessusUbuntu Local Security Checks
critical
99987Fedora 24 : kernel (2017-0aa0f69e0c)NessusFedora Local Security Checks
high
99719Fedora 25 : kernel (2017-7462231059)NessusFedora Local Security Checks
high