CVE-2017-6001
kernel: Race condition between multiple sys_perf_event_open() calls
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Race condition in kernel/events/core.c in the Linux kernel before 4.9.7 allows local users to gain privileges via a crafted application that makes concurrent perf_event_open system calls for moving a software group into a hardware context. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-6786.
Condición de carrera en kernel/events/core.c en el kernel de Linux en versiones anteriores a 4.9.7 permite a usuarios locales obtener privilegios a través de una aplicación manipulada que hace llamadas concurrentes al sistema perf_event_open para mover un grupo de software en un contexto hardware. NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2016-6786.
It was found that the original fix for CVE-2016-6786 was incomplete. There exist a race between two concurrent sys_perf_event_open() calls when both try and move the same pre-existing software group into a hardware context.
USN-3358-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. Please note that this update changes the Linux HWE kernel to the 4.10 based kernel from Ubuntu 17.04, superseding the 4.8 based HWE kernel from Ubuntu 16.10. Ben Harris discovered that the Linux kernel would strip extended privilege attributes of files when performing a failed unprivileged system call. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-02-15 CVE Reserved
- 2017-02-18 CVE Published
- 2024-08-05 CVE Updated
- 2025-05-21 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CAPEC
References (13)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/96264 | Third Party Advisory | |
| https://source.android.com/security/bulletin/pixel/2017-11-01 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.debian.org/security/2017/dsa-3791 | 2024-02-09 | |
| http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.7 | 2024-02-09 | |
| https://access.redhat.com/errata/RHSA-2017:1842 | 2024-02-09 | |
| https://access.redhat.com/errata/RHSA-2017:2077 | 2024-02-09 | |
| https://access.redhat.com/errata/RHSA-2017:2669 | 2024-02-09 | |
| https://access.redhat.com/errata/RHSA-2018:1854 | 2024-02-09 | |
| https://access.redhat.com/security/cve/CVE-2017-6001 | 2018-06-19 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.18.54 < 3.18.92 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.18.54 < 3.18.92" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.0 < 4.4.65 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.0 < 4.4.65" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.5 < 4.9.7 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.5 < 4.9.7" | - |
Affected
| ||||||