CVE-2017-7889
kernel: mm subsystem does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application that opens the /dev/mem file, related to arch/x86/mm/init.c and drivers/char/mem.c.
El subsistema mm en el kernel de Linux hasta la versión 3.2 no aplica adecuadamente el mecanismo de protección CONFIG_STRICT_DEVMEM, lo que permite a usuarios locales leer o escribir en ubicaciones de la memoria del kernel en el primer megabyte (y eludir restricciones de acceso de asignación de slab) a través de una aplicación que abre el archivo /dev/mem, relacionado con arch/x86/mm/init.c y drivers/char/mem.c
The mm subsystem in the Linux kernel through 4.10.10 does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application that opens the /dev/mem file, related to arch/x86/mm/init.c and drivers/char/mem.c.
USN-3358-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. Please note that this update changes the Linux HWE kernel to the 4.10 based kernel from Ubuntu 17.04, superseding the 4.8 based HWE kernel from Ubuntu 16.10. Ben Harris discovered that the Linux kernel would strip extended privilege attributes of files when performing a failed unprivileged system call. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-04-16 CVE Reserved
- 2017-04-17 CVE Published
- 2024-08-05 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-391: Unchecked Error Condition
- CWE-732: Incorrect Permission Assignment for Critical Resource
CAPEC
References (14)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/97690 | Third Party Advisory | |
| https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=b8f254aa17f720053054c4ecff3920973a83b9d6 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.debian.org/security/2017/dsa-3945 | 2023-02-14 | |
| https://access.redhat.com/errata/RHSA-2017:1842 | 2023-02-14 | |
| https://access.redhat.com/errata/RHSA-2017:2077 | 2023-02-14 | |
| https://access.redhat.com/errata/RHSA-2017:2669 | 2023-02-14 | |
| https://access.redhat.com/errata/RHSA-2018:1854 | 2023-02-14 | |
| https://usn.ubuntu.com/3583-1 | 2023-02-14 | |
| https://usn.ubuntu.com/3583-2 | 2023-02-14 | |
| https://access.redhat.com/security/cve/CVE-2017-7889 | 2018-06-19 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1444493 | 2018-06-19 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 3.2.91 Search vendor "Linux" for product "Linux Kernel" and version " < 3.2.91" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.3 < 3.10.107 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.3 < 3.10.107" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.11 < 3.12.74 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.11 < 3.12.74" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.13 < 3.16.46 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.13 < 3.16.46" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.17 < 3.18.50 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.17 < 3.18.50" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.19 < 4.1.41 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.19 < 4.1.41" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.2 < 4.4.63 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.2 < 4.4.63" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.5 < 4.9.24 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.5 < 4.9.24" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.10 < 4.10.12 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 4.10.12" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 8.0 Search vendor "Debian" for product "Debian Linux" and version "8.0" | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 12.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "12.04" | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 14.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04" | esm |
Affected
| ||||||