CVE-2017-14140
kernel: Missing permission check in move_pages system call
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The move_pages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR.
La llamada al sistema move_pages en mm/migrate.c en versiones anteriores a la 4.12.9 del kernel Linux no verifica correctamente el id de usuario del proceso objetivo. Esto permite que un atacante local aprenda la distribuciĆ³n de la memoria de un ejecutable setuid a pesar de la ASLR.
The move_pages system call in mm/migrate.c in the Linux kernel doesn't check the effective uid of the target process. This enables a local attacker to learn the memory layout of a setuid executable allowing mitigation of ASLR.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-09-05 CVE Reserved
- 2017-09-05 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
- CWE-863: Incorrect Authorization
CAPEC
References (12)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/100876 | Vdb Entry | |
https://source.android.com/security/bulletin/pixel/2018-01-01 | X_refsource_confirm |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://www.debian.org/security/2017/dsa-3981 | 2018-04-12 | |
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.9 | 2018-04-12 | |
https://access.redhat.com/errata/RHSA-2018:0676 | 2018-04-12 | |
https://access.redhat.com/errata/RHSA-2018:1062 | 2018-04-12 | |
https://usn.ubuntu.com/3583-1 | 2018-04-12 | |
https://usn.ubuntu.com/3583-2 | 2018-04-12 | |
https://access.redhat.com/security/cve/CVE-2017-14140 | 2018-04-10 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1488329 | 2018-04-10 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | <= 4.12.8 Search vendor "Linux" for product "Linux Kernel" and version " <= 4.12.8" | - |
Affected
|