CVE-2017-17053

Severity Score

7.0

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The init_new_context function in arch/x86/include/asm/mmu_context.h in the Linux kernel before 4.12.10 does not correctly handle errors from LDT table allocation when forking a new process, allowing a local attacker to achieve a use-after-free or possibly have unspecified other impact by running a specially crafted program. This vulnerability only affected kernels built with CONFIG_MODIFY_LDT_SYSCALL=y.

La función init_new_context en arch/x86/include/asm/mmu_context.h en el kernel de Linux en versiones anteriores a la 4.12.10 no gestiona errores de asignación de tablas LDT al bifurcar un nuevo proceso. Esto permite que un atacante local logre un uso de memoria previamente liberada o que, posiblemente, tenga otro impacto sin especificar ejecutando un programa especialmente manipulado. Esta vulnerabilidad solo afecta a los kernels construidos con CONFIG_MODIFY_LDT_SYSCALL=y.

*Credits: N/A

Attack Vector

Local

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Local

Attack Complexity

Medium

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2017-11-28 CVE Reserved
2017-11-29 CVE Published
2023-03-08 EPSS Updated
2024-08-05 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-416: Use After Free

CAPEC

References (5)

URL	Tag	Source
http://www.securityfocus.com/bid/102010	Third Party Advisory

URL	Date	SRC

URL	Date	SRC
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccd5b3235180eef3cfec337df1c8554ab151b5cc	2023-06-21
https://github.com/torvalds/linux/commit/ccd5b3235180eef3cfec337df1c8554ab151b5cc	2023-06-21

URL	Date	SRC
https://access.redhat.com/errata/RHSA-2018:0676	2023-06-21
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.10	2023-06-21

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.4.144 < 4.4.153 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.4.144 < 4.4.153"		-		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.6 < 4.9.46 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.6 < 4.9.46"		-		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.10 < 4.12.10 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 4.12.10"		-		Affected