Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2017-18552

Опубликовано: 18 авг. 2019
Источник: redhat
CVSS3: 5.3
EPSS Низкий

Описание

An issue was discovered in net/rds/af_rds.c in the Linux kernel before 4.11. There is an out of bounds write and read in the function rds_recv_track_latency.

Меры по смягчению последствий

As the RDS module will be auto-loaded when required, its use can be disabled by preventing the module from loading with the following instructions:

echo "install rds /bin/true" >> /etc/modprobe.d/disable-rds.conf

The system will need to be restarted if the RDS modules are loaded. In most circumstances, the RDS kernel modules will be unable to be unloaded while any network interfaces are active and the protocol is in use. If the system requires this module to work correctly, this mitigation may not be suitable. If you need further assistance, see KCS article https://access.redhat.com/solutions/41278 or contact Red Hat Global Support Services.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelNot affected
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-altNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 8kernelNot affected
Red Hat Enterprise Linux 8kernel-rtNot affected
Red Hat Enterprise MRG 2kernel-rtNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-787
Дефект:
CWE-125
https://bugzilla.redhat.com/show_bug.cgi?id=1757358kernel: OOB read and write in net/rds/af_rds.c

EPSS

Процентиль: 25%
0.00085
Низкий

5.3 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2017-18552

CVSS3: 7.8
ubuntu
больше 6 лет назад

An issue was discovered in net/rds/af_rds.c in the Linux kernel before 4.11. There is an out of bounds write and read in the function rds_recv_track_latency.

nvd логотип

CVE-2017-18552

CVSS3: 7.8
nvd
больше 6 лет назад

An issue was discovered in net/rds/af_rds.c in the Linux kernel before 4.11. There is an out of bounds write and read in the function rds_recv_track_latency.

debian логотип

CVE-2017-18552

CVSS3: 7.8
debian
больше 6 лет назад

An issue was discovered in net/rds/af_rds.c in the Linux kernel before ...

github логотип

GHSA-p336-585v-7x54

CVSS3: 7.8
github
больше 3 лет назад

An issue was discovered in net/rds/af_rds.c in the Linux kernel before 4.11. There is an out of bounds write and read in the function rds_recv_track_latency.

EPSS

Процентиль: 25%
0.00085
Низкий

5.3 Medium

CVSS3