Vulnerability Identifier

CVE-2017-18017

2018-01-03

Severity Assessment

9.8

CRITICAL

CVSS v3.x Score

Clinical Analysis (Description)

The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.

Vector Sequencing

Attack Parameters

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Impact Consequences

Technical Impact

Unchanged

Scope

High

Confidentiality

High

Integrity

High

Availability

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2 Score (Legacy)

10.0

For backward compatibility

EPSS Probability

34.31%

Percentile: 97.0%

Weakness Classification

CWE-CWE-416

View CWE Details ↗

Affected Population

Affected Configurations

Total: 43 detected entries

Software List Scrollable

ubuntu_linux

Vendor: canonical • v14.04

enterprise_linux_workstation

Vendor: redhat • v7.0

enterprise_linux_server_tus

Vendor: redhat • v7.4

debian_linux

Vendor: debian • v8.0

enterprise_linux_server_aus

Vendor: redhat • v7.4

debian_linux

Vendor: debian • v7.0

linux_enterprise_debuginfo

Vendor: suse • v11

linux_enterprise_real_time_extension

Vendor: suse • v11

enterprise_linux_server

Vendor: redhat • v6.0

enterprise_linux_server_tus

Vendor: redhat • v7.6

enterprise_linux_eus

Vendor: redhat • v7.6

enterprise_linux_eus

Vendor: redhat • v7.7

linux_enterprise_module_for_public_cloud

Vendor: suse • v12

enterprise_linux_for_real_time

Vendor: redhat • v7

linux_enterprise_high_availability_extension

Vendor: suse • v11

enterprise_linux_server

Vendor: redhat • v7.0

ubuntu_linux

Vendor: canonical • v12.04

enterprise_linux_eus

Vendor: redhat • v7.3

enterprise_linux_for_real_time_for_nfv

Vendor: redhat • v7

eos

Vendor: arista • v4.20.1fx-virtual-router

linux_enterprise_server

Vendor: suse • v12

linux_enterprise_live_patching

Vendor: suse • v12

cloud_magnum_orchestration

Vendor: openstack • v7

linux_enterprise_real_time_extension

Vendor: suse • v12

linux_enterprise_high_availability

Vendor: suse • v12

linux_enterprise_server

Vendor: suse • v11

enterprise_linux_eus

Vendor: redhat • v7.4

enterprise_linux_server_aus

Vendor: redhat • v7.6

enterprise_linux_server_aus

Vendor: redhat • v7.3

linux_enterprise_point_of_sale

Vendor: suse • v11

enterprise_linux_desktop

Vendor: redhat • v7.0

enterprise_linux_server_aus

Vendor: redhat • v7.7

linux_enterprise_desktop

Vendor: suse • v12

leap

Vendor: opensuse • v42.3

linux_enterprise_workstation_extension

Vendor: suse • v12

enterprise_linux_desktop

Vendor: redhat • v6.0

linux_enterprise_software_development_kit

Vendor: suse • v11

enterprise_linux_server_tus

Vendor: redhat • v7.3

linux_enterprise_software_development_kit

Vendor: suse • v12

enterprise_linux_server_tus

Vendor: redhat • v7.7

mrg_realtime

Vendor: redhat • v2.0

openstack_cloud

Vendor: suse • v6

enterprise_linux_workstation

Vendor: redhat • v6.0

Timeline

Time Line

PUBLICATION

03 Jan 2018

MODIFICATION

03 Jan 2025

Impact Statistics

Key Metrics

CVSS Score

9.8

CRITICAL

Products

Affected

Remediation Protocol

Immediate Action Plan

1. Inventory

Identify all affected systems in your infrastructure.

2. Assessment

Assess exposure and criticality for your organization.

3. Mitigation

Apply patches or available workarounds.

4. Verification

Test and confirm effectiveness of applied measures.

⚠️ MAXIMUM PRIORITY - Immediate action required

Sources & Bibliography

NIST NVD MITRE CVE External Reference ↗ External Reference ↗ External Reference ↗ External Reference ↗ External Reference ↗

CVE Vulnerabilities

Posts & Pages

CVE-2017-18017

Attack Parameters

Technical Impact

CWE-CWE-416

Affected Configurations

Time Line

Key Metrics

Recommended Solution

Immediate Action Plan

1. Inventory

2. Assessment

3. Mitigation

4. Verification