CVE-2017-18203
kernel: Race condition in drivers/md/dm.c:dm_get_from_kobject() allows local users to cause a denial of service
Public Exploits: 0
Exploited in Wild: -
Descriptions
The dm_get_from_kobject function in drivers/md/dm.c in the Linux kernel before 4.14.3 allows local users to cause a denial of service (BUG) by leveraging a race condition with __dm_destroy during creation and removal of DM devices.
The Linux kernel, before version 4.14.3, is vulnerable to a denial of service in drivers/md/dm.c:dm_get_from_kobject() which can be caused by local users leveraging a race condition with __dm_destroy() during creation and removal of DM devices. Only privileged local users (with CAP_SYS_ADMIN capability) can directly perform the ioctl operations for dm device creation and removal and this would typically be outside the direct control of the unprivileged attacker.
Jann Horn and Ken Johnson discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via a sidechannel attack. This flaw is known as Spectre Variant 4. A local attacker could use this to expose sensitive information, including kernel memory. Jan H. Schonherr discovered that the Xen subsystem did not properly handle block IO merges correctly in some situations. An attacker in a guest vm could use this to cause a denial of service or possibly gain administrative privileges in the host. Various other issues were also addressed.
Timeline
- 2018-02-27 CVE Reserved
- 2018-02-27 CVE Published
- 2024-08-05 CVE Updated
- 2025-03-30 EPSS Updated
CWE
- CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
- CWE-400: Uncontrolled Resource Consumption
References (19)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/103184 | Third Party Advisory | |
https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html | Mailing List | |

URL | Date | SRC |
---|---|---|
https://access.redhat.com/errata/RHSA-2018:0676 | 2018-06-20 | |
https://access.redhat.com/errata/RHSA-2018:1062 | 2018-06-20 | |
https://access.redhat.com/errata/RHSA-2018:1854 | 2018-06-20 | |
https://access.redhat.com/errata/RHSA-2019:4154 | 2018-06-20 | |
https://usn.ubuntu.com/3619-1 | 2018-06-20 | |
https://usn.ubuntu.com/3619-2 | 2018-06-20 | |
https://usn.ubuntu.com/3653-1 | 2018-06-20 | |
https://usn.ubuntu.com/3653-2 | 2018-06-20 | |
https://usn.ubuntu.com/3655-1 | 2018-06-20 | |
https://usn.ubuntu.com/3655-2 | 2018-06-20 | |
https://usn.ubuntu.com/3657-1 | 2018-06-20 | |
https://www.debian.org/security/2018/dsa-4187 | 2018-06-20 | |
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.3 | 2018-06-20 | |
https://access.redhat.com/security/cve/CVE-2017-18203 | 2019-12-10 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1550811 | 2019-12-10 | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Linux | Linux Kernel | < 4.14.3 | - | Affected |