Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

None

Privileges Required

None

Attack Vector

Network

0

CVE-2017-18017

Disclosure Date: January 03, 2018 •

CVE-2017-18017 CVSS v3 Base Score: 9.8

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

9.8 Critical

Impact Score:

5.9

Exploitability Score:

3.9

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector (AV):

Network

Attack Complexity (AC):

Low

Privileges Required (PR):

None

User Interaction (UI):

None

Scope (S):

Unchanged

Confidentiality (C):

High

Integrity (I):

High

Availability (A):

High

Vendors

Products

References

Canonical

CVE-2017-18017 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18017)

BID-102367 (http://www.securityfocus.com/bid/102367)

Advisory

DSA-4187 (https://www.debian.org/security/2018/dsa-4187)

USN-3583-2 (https://usn.ubuntu.com/3583-2)

https://access.redhat.com/errata/RHSA-2018:1737

https://access.redhat.com/errata/RHSA-2018:1062

https://access.redhat.com/errata/RHSA-2018:1319

https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0

USN-3583-1 (https://usn.ubuntu.com/3583-1)

https://access.redhat.com/errata/RHSA-2018:0676

https://access.redhat.com/errata/RHSA-2018:1170

https://access.redhat.com/errata/RHSA-2018:1130

[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update (https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html)

USN-3583-2 (https://usn.ubuntu.com/3583-2/)

USN-3583-1 (https://usn.ubuntu.com/3583-1/)

SUSE-SU-2018:0834 (http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00067.html)

SUSE-SU-2018:0848 (http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00072.html)

SUSE-SU-2018:0383 (http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00008.html)

USN-3583-1 (http://www.ubuntu.com/usn/USN-3583-1)

https://support.f5.com/csp/article/K18352029

SUSE-SU-2018:0555 (http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00047.html)

openSUSE-SU-2018:0408 (http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00013.html)

SUSE-SU-2018:0986 (http://lists.opensuse.org/opensuse-security-announce/2018-04/msg00014.html)

SUSE-SU-2018:0416 (http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00015.html)

SUSE-SU-2018:0482 (http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00038.html)

SUSE-SU-2018:0841 (http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00070.html)

USN-3583-2 (http://www.ubuntu.com/usn/USN-3583-2)

SUSE-SU-2018:0660 (http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00030.html)

Miscellaneous

http://patchwork.ozlabs.org/patch/746618

https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.36

https://lkml.org/lkml/2017/4/2/13

https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1739765

https://github.com/torvalds/linux/commit/2638fd0f92d4397884fd991d8f4925cb3f081901

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit?id=2638fd0f92d4397884fd991d8f4925cb3f081901

http://patchwork.ozlabs.org/patch/746618/

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2638fd0f92d4397884fd991d8f4925cb3f081901

https://www.arista.com/en/support/advisories-notices/security-advisories/4577-security-advisory-34

Rapid7

Technical Analysis