Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2017-0553

Опубликовано: 07 фев. 2017
Источник: redhat
CVSS3: 7

Описание

An elevation of privilege vulnerability in libnl could enable a local malicious application to execute arbitrary code within the context of the Wi-Fi service. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32342065. NOTE: this issue also exists in the upstream libnl before 3.3.0 library.

An integer overflow leading to a heap-buffer overflow was found in the libnl library. An attacker could use this flaw to cause an application compiled with libnl to crash or possibly execute arbitrary code in the context of the user running such an application.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5libnlWill not fix
Red Hat Enterprise Linux 6libnlWill not fix
Red Hat Enterprise Linux 6libnl3Will not fix
Red Hat Enterprise Linux 7libnlWill not fix
Red Hat Enterprise Linux 7libnl3FixedRHSA-2017:229901.08.2017
Red Hat Enterprise Linux 7NetworkManagerFixedRHSA-2017:229901.08.2017
Red Hat Enterprise Linux 7network-manager-appletFixedRHSA-2017:229901.08.2017
Red Hat Enterprise Linux 7NetworkManager-libreswanFixedRHSA-2017:229901.08.2017

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-190
https://bugzilla.redhat.com/show_bug.cgi?id=1440788libnl: Integer overflow in nlmsg_reserve()

7 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2017-0553

CVSS3: 7
ubuntu
больше 8 лет назад

An elevation of privilege vulnerability in libnl could enable a local malicious application to execute arbitrary code within the context of the Wi-Fi service. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32342065. NOTE: this issue also exists in the upstream libnl before 3.3.0 library.

nvd логотип

CVE-2017-0553

CVSS3: 7
nvd
больше 8 лет назад

An elevation of privilege vulnerability in libnl could enable a local malicious application to execute arbitrary code within the context of the Wi-Fi service. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32342065. NOTE: this issue also exists in the upstream libnl before 3.3.0 library.

debian логотип

CVE-2017-0553

CVSS3: 7
debian
больше 8 лет назад

An elevation of privilege vulnerability in libnl could enable a local ...

github логотип

GHSA-697f-p26c-wf65

CVSS3: 7
github
больше 3 лет назад

An elevation of privilege vulnerability in libnl could enable a local malicious application to execute arbitrary code within the context of the Wi-Fi service. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32342065. NOTE: this issue also exists in the upstream libnl before 3.3.0 library.

oracle-oval логотип

ELSA-2017-2299

oracle-oval
больше 8 лет назад

ELSA-2017-2299: NetworkManager and libnl3 security, bug fix and enhancement update (MODERATE)

7 High

CVSS3