5.5

CVE-2017-18344

Exploit

EPSS 10.16%
Veröffentlicht 26.07.2018 19:29:00
Zuletzt bearbeitet 21.11.2024 03:19:53
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent->sigev_notify field, which leads to out-of-bounds access in the show_timer function (called when /proc/$PID/timers is read). This allows userspace applications to read arbitrary kernel memory (on a kernel built with CONFIG_POSIX_TIMERS and CONFIG_CHECKPOINT_RESTORE).

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 18

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version < 4.14.8

Canonical ≫ Ubuntu Linux Version12.04 SwEditionesm

Canonical ≫ Ubuntu Linux Version14.04 SwEditionlts

Redhat ≫ Mrg Realtime Version2.0

Redhat ≫ Enterprise Linux Desktop Version7.0

Redhat ≫ Enterprise Linux Server Version7.0

Redhat ≫ Enterprise Linux Server Aus Version7.2

Redhat ≫ Enterprise Linux Server Aus Version7.3

Redhat ≫ Enterprise Linux Server Aus Version7.4

Redhat ≫ Enterprise Linux Server Eus Version7.3

Redhat ≫ Enterprise Linux Server Eus Version7.5

Redhat ≫ Enterprise Linux Server Tus Version7.2

Redhat ≫ Enterprise Linux Server Tus Version7.3

Redhat ≫ Enterprise Linux Server Tus Version7.4

Redhat ≫ Enterprise Linux Workstation Version7.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	10.16%	0.928

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:P/I:N/A:N

CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://access.redhat.com/errata/RHSA-2018:3083

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:3096

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:2948

Third Party Advisory

https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.8

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:3540

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:3586

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:3590

Third Party Advisory

http://www.securityfocus.com/bid/104909

Third Party Advisory

VDB Entry

http://www.securitytracker.com/id/1041414

Third Party Advisory

VDB Entry

https://access.redhat.com/errata/RHSA-2018:3459

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:3591

Third Party Advisory

https://github.com/torvalds/linux/commit/cef31d9af908243421258f1df35a4a644604efbe

Patch

Third Party Advisory

https://usn.ubuntu.com/3742-1/

Third Party Advisory

https://usn.ubuntu.com/3742-2/

Third Party Advisory

https://www.exploit-db.com/exploits/45175/

Third Party Advisory

Exploit

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2017-18344

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-18344

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-18344

EUVD