CVE-2017-16996

Опубликовано: 22 дек. 2017

Источник: redhat

CVSS3: 7.8

CVSS2: 6.2

Описание

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging register truncation mishandling.

An arbitrary memory r/w access issue was found in the Linux kernel compiled with the eBPF bpf(2) system call (CONFIG_BPF_SYSCALL) support. The issue could occur due to calculation errors in the eBPF verifier module, triggered by user supplied malicious BPF program. An unprivileged user could use this flaw to escalate their privileges on a system. Setting parameter "kernel.unprivileged_bpf_disabled=1" prevents such privilege escalation by restricting access to bpf(2) call.

Отчет

This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5, 6, 7 and Red Hat Enterprise MRG 2.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	kernel	Not affected
Red Hat Enterprise Linux 6	kernel	Not affected
Red Hat Enterprise Linux 7	kernel	Not affected
Red Hat Enterprise Linux 7	kernel-alt	Not affected
Red Hat Enterprise Linux 7	kernel-rt	Not affected
Red Hat Enterprise Linux 8	kernel	Not affected
Red Hat Enterprise MRG 2	realtime-kernel	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important

Дефект:

CWE-787

https://bugzilla.redhat.com/show_bug.cgi?id=1528516kernel: memory corruption caused by BPF verifier bugs can allow for arbitrary code execution

7.8 High

CVSS3

6.2 Medium

CVSS2

Связанные уязвимости

CVE-2017-16996

CVSS3: 7.8

ubuntu

около 8 лет назад

CVE-2017-16996

CVSS3: 7.8

nvd

около 8 лет назад

CVE-2017-16996

CVSS3: 7.8

debian

около 8 лет назад

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local ...

GHSA-fhr3-fj6p-xhpf

CVSS3: 7.8

github

больше 3 лет назад

7.8 High

CVSS3

6.2 Medium

CVSS2