Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2017-12153

Опубликовано: 13 сент. 2017
Источник: redhat
CVSS3: 4.4
EPSS Низкий

Описание

A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash.

A security flaw was discovered in nl80211_set_rekey_data() function in the Linux kernel since v3.1-rc1 through v4.13. This function does not check whether the required attributes are present in a netlink request. This request can be issued by a user with CAP_NET_ADMIN privilege and may result in NULL dereference and a system crash.

Отчет

This issue does not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5 as the code with the flaw is not present in this product. This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 6, 7 and MRG-2. This has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelNot affected
Red Hat Enterprise Linux 6kernelWill not fix
Red Hat Enterprise Linux 7kernelWill not fix
Red Hat Enterprise Linux 7kernel-altAffected
Red Hat Enterprise Linux 7kernel-rtWill not fix
Red Hat Enterprise MRG 2realtime-kernelWill not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-476
https://bugzilla.redhat.com/show_bug.cgi?id=1491046kernel: null pointer dereference in nl80211_set_rekey_data()

EPSS

Процентиль: 10%
0.00037
Низкий

4.4 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2017-12153

CVSS3: 4.4
ubuntu
больше 7 лет назад

A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash.

nvd логотип

CVE-2017-12153

CVSS3: 4.4
nvd
больше 7 лет назад

A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash.

debian логотип

CVE-2017-12153

CVSS3: 4.4
debian
больше 7 лет назад

A security flaw was discovered in the nl80211_set_rekey_data() functio ...

github логотип

GHSA-2wr3-w5rh-2qx4

CVSS3: 4.4
github
около 3 лет назад

A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash.

oracle-oval логотип

ELSA-2019-4531

oracle-oval
больше 6 лет назад

ELSA-2019-4531: Unbreakable Enterprise kernel security update (IMPORTANT)

EPSS

Процентиль: 10%
0.00037
Низкий

4.4 Medium

CVSS3