CVE-2017-2671
Linux Kernel - 'ping' Local Denial of Service
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
3Exploited in Wild
-Decision
Descriptions
The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call.
En LightDM en versiones hasta 1.22.0, un problema de directorio transversal en debian/guest-account.sh permite a atacantes locales allows local attackers poseer ubicaciones de ruta de directorio arbitrarias y escalar privilegios a raĆz cuando el usuario invitado se cierra.
A race condition leading to a NULL pointer dereference was found in the Linux kernel's Link Layer Control implementation. A local attacker with access to ping sockets could use this flaw to crash the system.
USN-3358-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. Please note that this update changes the Linux HWE kernel to the 4.10 based kernel from Ubuntu 17.04, superseding the 4.8 based HWE kernel from Ubuntu 16.10. Ben Harris discovered that the Linux kernel would strip extended privilege attributes of files when performing a failed unprivileged system call. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-12-01 CVE Reserved
- 2017-04-05 CVE Published
- 2017-06-08 First Exploit
- 2024-08-05 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CAPEC
References (16)
| URL | Tag | Source |
|---|---|---|
| http://openwall.com/lists/oss-security/2017/04/04/8 | Mailing List | |
| http://www.securityfocus.com/bid/97407 | Third Party Advisory | |
| https://github.com/danieljiang0415/android_kernel_crash_poc | Third Party Advisory | |
| https://twitter.com/danieljiang0415/status/845116665184497664 | Third Party Advisory |
| URL | Date | SRC |
|---|---|---|
| https://packetstorm.news/files/id/142872 | 2017-06-08 | |
| https://www.exploit-db.com/exploits/42135 | 2024-08-05 | |
| https://github.com/homjxi0e/CVE-2017-2671 | 2017-06-08 |
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2017:1842 | 2023-02-12 | |
| https://access.redhat.com/errata/RHSA-2017:2077 | 2023-02-12 | |
| https://access.redhat.com/errata/RHSA-2017:2669 | 2023-02-12 | |
| https://access.redhat.com/errata/RHSA-2018:1854 | 2023-02-12 | |
| https://usn.ubuntu.com/3754-1 | 2023-02-12 | |
| https://access.redhat.com/security/cve/CVE-2017-2671 | 2018-06-19 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1436649 | 2018-06-19 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | <= 4.10.8 Search vendor "Linux" for product "Linux Kernel" and version " <= 4.10.8" | - |
Affected
| ||||||