Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2017-12153

Опубликовано: 21 сент. 2017
Источник: nvd
CVSS3: 4.4
CVSS2: 4.9
EPSS Низкий

Описание

A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия до 4.13.3 (включая)
Конфигурация 2

Одно из

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

EPSS

Процентиль: 10%
0.00037
Низкий

4.4 Medium

CVSS3

4.9 Medium

CVSS2

Дефекты

CWE-476
CWE-476

Связанные уязвимости

ubuntu логотип

CVE-2017-12153

CVSS3: 4.4
ubuntu
больше 7 лет назад

A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash.

redhat логотип

CVE-2017-12153

CVSS3: 4.4
redhat
почти 8 лет назад

A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash.

debian логотип

CVE-2017-12153

CVSS3: 4.4
debian
больше 7 лет назад

A security flaw was discovered in the nl80211_set_rekey_data() functio ...

github логотип

GHSA-2wr3-w5rh-2qx4

CVSS3: 4.4
github
около 3 лет назад

A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash.

oracle-oval логотип

ELSA-2019-4531

oracle-oval
больше 6 лет назад

ELSA-2019-4531: Unbreakable Enterprise kernel security update (IMPORTANT)

EPSS

Процентиль: 10%
0.00037
Низкий

4.4 Medium

CVSS3

4.9 Medium

CVSS2

Дефекты

CWE-476
CWE-476