CVE-2017-14106
kernel: Divide-by-zero in __tcp_select_window
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path.
La función tcp_disconnect en net/ipv4/tcp.c en el kernel de Linux en versiones anteriores a la 4.12 permite que usuarios locales provoquen una denegación de servicio allows local users to cause a denial of service (error __tcp_select_window de división por cero y bloqueo del sistema) desencadenando una desconexión en una ruta de código tcp_recvmsg determinada.
A divide-by-zero vulnerability was found in the __tcp_select_window function in the Linux kernel. This can result in a kernel panic causing a local denial of service.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-09-01 CVE Reserved
- 2017-09-01 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-369: Divide By Zero
CAPEC
References (14)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/100878 | Vdb Entry | |
| http://www.securitytracker.com/id/1039549 | Vdb Entry | |
| https://www.mail-archive.com/netdev%40vger.kernel.org/msg186255.html | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html | 2023-11-07 | |
| http://www.debian.org/security/2017/dsa-3981 | 2023-11-07 | |
| https://access.redhat.com/errata/RHSA-2017:2918 | 2023-11-07 | |
| https://access.redhat.com/errata/RHSA-2017:2930 | 2023-11-07 | |
| https://access.redhat.com/errata/RHSA-2017:2931 | 2023-11-07 | |
| https://access.redhat.com/errata/RHSA-2017:3200 | 2023-11-07 | |
| https://access.redhat.com/errata/RHSA-2018:2172 | 2023-11-07 | |
| https://access.redhat.com/security/cve/CVE-2017-14106 | 2018-07-11 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1487295 | 2018-07-11 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | <= 4.11.12 Search vendor "Linux" for product "Linux Kernel" and version " <= 4.11.12" | - |
Affected
| ||||||