Vulnerability Details : CVE-2017-9059
The NFSv4 implementation in the Linux kernel through 4.11.1 allows local users to cause a denial of service (resource consumption) by leveraging improper channel callback shutdown when unmounting an NFSv4 filesystem, aka a "module reference and kernel daemon" leak.
Vulnerability category: Denial of service
Exploit prediction scoring system (EPSS) score for CVE-2017-9059
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2017-9059
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.9
|
MEDIUM | AV:L/AC:L/Au:N/C:N/I:N/A:C |
3.9
|
6.9
|
NIST |
5.5
|
MEDIUM | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
1.8
|
3.6
|
NIST |
CWE ids for CVE-2017-9059
-
The product does not release or incorrectly releases a resource before it is made available for re-use.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-9059
-
https://bugzilla.redhat.com/show_bug.cgi?id=1451386
1451386 – (CVE-2017-9059) CVE-2017-9059 kernel: Module reference leak due to improper shut down of callback channel on umountIssue Tracking;Patch
-
https://www.spinics.net/lists/linux-nfs/msg63334.html
[PATCH 0/2] Fix the NFSv4 client callback channel shutdown — Linux NFSMailing List;Patch;Third Party Advisory
-
http://www.securityfocus.com/bid/98551
Linux kernel CVE-2017-9059 Local Denial of Service Vulnerability
-
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c70422f760c120480fee4de6c38804c72aa26bc1
kernel/git/torvalds/linux.git - Linux kernel source treeIssue Tracking;Patch;Third Party Advisory
-
https://github.com/torvalds/linux/commit/c70422f760c120480fee4de6c38804c72aa26bc1
Merge tag 'nfsd-4.12' of git://linux-nfs.org/~bfields/linux · torvalds/linux@c70422f · GitHubIssue Tracking;Patch;Third Party Advisory
Products affected by CVE-2017-9059
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*