
CVE-2018-17977

Published: 08 Oct 2018
Source: debian
EPSS: Low

Description

The Linux kernel 4.14.67 mishandles certain interaction among XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP packets, which allows local users to cause a denial of service (memory consumption and system hang) by leveraging root access to execute crafted applications, as demonstrated on CentOS 7.

Packages

Package | Status | Fix version | Release | Type
linux | unfixed | | | package

Notes

  • Needs major rework on protocol level to fix. Exploitable (likely) only with CAP_NET_ADMIN.

EPSS

Percentile: 32%
0.00122
Low

Related vulnerabilities

CVSS3: 4.4
ubuntu
more than 7 years ago

The Linux kernel 4.14.67 mishandles certain interaction among XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP packets, which allows local users to cause a denial of service (memory consumption and system hang) by leveraging root access to execute crafted applications, as demonstrated on CentOS 7.

CVSS3: 4.9
redhat
more than 7 years ago

The Linux kernel 4.14.67 mishandles certain interaction among XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP packets, which allows local users to cause a denial of service (memory consumption and system hang) by leveraging root access to execute crafted applications, as demonstrated on CentOS 7.

CVSS3: 4.4
nvd
more than 7 years ago

The Linux kernel 4.14.67 mishandles certain interaction among XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP packets, which allows local users to cause a denial of service (memory consumption and system hang) by leveraging root access to execute crafted applications, as demonstrated on CentOS 7.

CVSS3: 4.4
github
more than 3 years ago

The Linux kernel 4.14.67 mishandles certain interaction among XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP packets, which allows local users to cause a denial of service (memory consumption and system hang) by leveraging root access to execute crafted applications, as demonstrated on CentOS 7.

CVSS3: 4.4
fstec
more than 7 years ago

A vulnerability in the Linux operating system kernel related to incorrect handling of a certain interaction among XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP packets, which allows an attacker to cause a denial of service
