Critical Severity Vulnerability
This vulnerability has been rated as Critical severity. Immediate action is recommended.
CVE-2017-18017
Critical
Low
Medium
High
Critical
9.8
CVSS Score
Vulnerability Description
The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.
CVSS Metrics
Common Vulnerability Scoring System
Vector String:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
N
Attack Complexity
L
Privileges Required
N
User Interaction
N
Scope
U
Confidentiality
H
Integrity
H
Availability
H
Known Affected Software
43 configuration(s) from 7 vendor(s)
eos
Version:
4.20.1fx-virtual-router
CPE:
cpe:2.3:o:arista:eos:4.20.1fx-virtual-router:*:*:*:*:*:*:*
ubuntu_linux
Version:
14.04
CPE:
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
ubuntu_linux
Version:
12.04
CPE:
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
debian_linux
Version:
8.0
CPE:
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
debian_linux
Version:
7.0
CPE:
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cloud_magnum_orchestration
Version:
7
CPE:
cpe:2.3:a:openstack:cloud_magnum_orchestration:7:*:*:*:*:*:*:*
leap
Version:
42.3
CPE:
cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
enterprise_linux_workstation
Version:
7.0
CPE:
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:x64:*
enterprise_linux_server_tus
Version:
7.4
CPE:
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*
enterprise_linux_server_aus
Version:
7.4
CPE:
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
enterprise_linux_server
Version:
6.0
CPE:
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:x86:*
enterprise_linux_server_tus
Version:
7.6
CPE:
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
enterprise_linux_eus
Version:
7.6
CPE:
cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
enterprise_linux_eus
Version:
7.7
CPE:
cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
enterprise_linux_for_real_time
Version:
7
CPE:
cpe:2.3:o:redhat:enterprise_linux_for_real_time:7:*:*:*:*:*:*:*
enterprise_linux_server
Version:
7.0
CPE:
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:x64:*
enterprise_linux_eus
Version:
7.3
CPE:
cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
enterprise_linux_for_real_time_for_nfv
Version:
7
CPE:
cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:7:*:*:*:*:*:*:*
enterprise_linux_eus
Version:
7.4
CPE:
cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
enterprise_linux_server_aus
Version:
7.6
CPE:
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
enterprise_linux_server_aus
Version:
7.3
CPE:
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
enterprise_linux_desktop
Version:
7.0
CPE:
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:x64:*
enterprise_linux_server_aus
Version:
7.7
CPE:
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
enterprise_linux_desktop
Version:
6.0
CPE:
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:x64:*
enterprise_linux_server_tus
Version:
7.3
CPE:
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
enterprise_linux_server_tus
Version:
7.7
CPE:
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
mrg_realtime
Version:
2.0
CPE:
cpe:2.3:a:redhat:mrg_realtime:2.0:*:*:*:*:*:*:*
enterprise_linux_workstation
Version:
6.0
CPE:
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:x86:*
linux_enterprise_debuginfo
Version:
11
CPE:
cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp1:*:*:*:*:*:*
linux_enterprise_real_time_extension
Version:
11
CPE:
cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp1:*:*:*:*:*:*
linux_enterprise_module_for_public_cloud
Version:
12
CPE:
cpe:2.3:a:suse:linux_enterprise_module_for_public_cloud:12:*:*:*:*:*:*:*
linux_enterprise_high_availability_extension
Version:
11
CPE:
cpe:2.3:o:suse:linux_enterprise_high_availability_extension:11:-:*:*:*:*:*:*
linux_enterprise_server
Version:
12
CPE:
cpe:2.3:o:suse:linux_enterprise_server:12:sp5:*:*:-:*:*:*
linux_enterprise_live_patching
Version:
12
CPE:
cpe:2.3:o:suse:linux_enterprise_live_patching:12:-:*:*:*:*:*:*
linux_enterprise_real_time_extension
Version:
12
CPE:
cpe:2.3:o:suse:linux_enterprise_real_time_extension:12:sp1:*:*:*:*:*:*
linux_enterprise_high_availability
Version:
12
CPE:
cpe:2.3:o:suse:linux_enterprise_high_availability:12:sp3:*:*:*:*:*:*
linux_enterprise_server
Version:
11
CPE:
cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:-:*:*:*
linux_enterprise_point_of_sale
Version:
11
CPE:
cpe:2.3:a:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*
linux_enterprise_desktop
Version:
12
CPE:
cpe:2.3:o:suse:linux_enterprise_desktop:12:sp4:*:*:*:*:*:*
linux_enterprise_workstation_extension
Version:
12
CPE:
cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*
linux_enterprise_software_development_kit
Version:
11
CPE:
cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:-:*:*:*:*:*:*
linux_enterprise_software_development_kit
Version:
12
CPE:
cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*
openstack_cloud
Version:
6
CPE:
cpe:2.3:a:suse:openstack_cloud:6:*:*:*:*:*:*:*
This vulnerability affects 43 software configuration(s). Ensure you patch all affected systems.
References & Resources
-
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2638fd0f92d4397884fd991d8f4925cb3f081901cve@mitre.org Patch Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00008.htmlcve@mitre.org Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00013.htmlcve@mitre.org Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00015.htmlcve@mitre.org Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00038.htmlcve@mitre.org Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00047.htmlcve@mitre.org Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00030.htmlcve@mitre.org Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00067.htmlcve@mitre.org Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00070.htmlcve@mitre.org Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00072.htmlcve@mitre.org Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2018-04/msg00014.htmlcve@mitre.org Mailing List Third Party Advisory
-
http://patchwork.ozlabs.org/patch/746618/cve@mitre.org Patch Third Party Advisory
-
http://www.securityfocus.com/bid/102367cve@mitre.org Broken Link Third Party Advisory VDB Entry
-
http://www.ubuntu.com/usn/USN-3583-1cve@mitre.org Third Party Advisory
-
http://www.ubuntu.com/usn/USN-3583-2cve@mitre.org Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2018:0676cve@mitre.org Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2018:1062cve@mitre.org Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2018:1130cve@mitre.org Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2018:1170cve@mitre.org Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2018:1319cve@mitre.org Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2018:1737cve@mitre.org Third Party Advisory
-
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1739765cve@mitre.org Issue Tracking Third Party Advisory
-
https://github.com/torvalds/linux/commit/2638fd0f92d4397884fd991d8f4925cb3f081901cve@mitre.org Patch Third Party Advisory
-
https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0cve@mitre.org Third Party Advisory
-
https://lists.debian.org/debian-lts-announce/2018/05/msg00000.htmlcve@mitre.org Mailing List Third Party Advisory
-
https://lkml.org/lkml/2017/4/2/13cve@mitre.org Third Party Advisory
-
https://support.f5.com/csp/article/K18352029cve@mitre.org Third Party Advisory
-
https://usn.ubuntu.com/3583-1/cve@mitre.org Third Party Advisory
-
https://usn.ubuntu.com/3583-2/cve@mitre.org Third Party Advisory
-
https://www.arista.com/en/support/advisories-notices/security-advisories/4577-security-advisory-34cve@mitre.org Mitigation Third Party Advisory
-
https://www.debian.org/security/2018/dsa-4187cve@mitre.org Third Party Advisory
-
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.36cve@mitre.org Release Notes Vendor Advisory
-
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2638fd0f92d4397884fd991d8f4925cb3f081901af854a3a-2127-422b-91ae-364da2661108 Patch Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00008.htmlaf854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00013.htmlaf854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00015.htmlaf854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00038.htmlaf854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00047.htmlaf854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00030.htmlaf854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00067.htmlaf854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00070.htmlaf854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00072.htmlaf854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2018-04/msg00014.htmlaf854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
http://patchwork.ozlabs.org/patch/746618/af854a3a-2127-422b-91ae-364da2661108 Patch Third Party Advisory
-
http://www.securityfocus.com/bid/102367af854a3a-2127-422b-91ae-364da2661108 Broken Link Third Party Advisory VDB Entry
-
http://www.ubuntu.com/usn/USN-3583-1af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
http://www.ubuntu.com/usn/USN-3583-2af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2018:0676af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2018:1062af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2018:1130af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2018:1170af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2018:1319af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2018:1737af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1739765af854a3a-2127-422b-91ae-364da2661108 Issue Tracking Third Party Advisory
-
https://github.com/torvalds/linux/commit/2638fd0f92d4397884fd991d8f4925cb3f081901af854a3a-2127-422b-91ae-364da2661108 Patch Third Party Advisory
-
https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://lists.debian.org/debian-lts-announce/2018/05/msg00000.htmlaf854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
https://lkml.org/lkml/2017/4/2/13af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://security.netapp.com/advisory/ntap-20250103-0010/af854a3a-2127-422b-91ae-364da2661108
-
https://support.f5.com/csp/article/K18352029af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://usn.ubuntu.com/3583-1/af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://usn.ubuntu.com/3583-2/af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://www.arista.com/en/support/advisories-notices/security-advisories/4577-security-advisory-34af854a3a-2127-422b-91ae-364da2661108 Mitigation Third Party Advisory
-
https://www.debian.org/security/2018/dsa-4187af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.36af854a3a-2127-422b-91ae-364da2661108 Release Notes Vendor Advisory
Severity Details
9.8
out of 10.0
Critical
Weakness Type (CWE)
CWE-416
Top 25 #12
Use After Free
- Description
- The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations…
- Exploit Likelihood
- High
- Typical Severity
- High
- Abstraction Level
- Variant
Key Information
- Published Date
- January 03, 2018
