CVE-2017-7374 : Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 all

Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service (NULL pointer dereference) or possibly gain privileges by revoking keyring keys being used for ext4, f2fs, or ubifs encryption, causing cryptographic transform objects to be freed prematurely.

Published 2017-03-31 20:59:00

Updated 2023-02-14 21:38:05

Source MITRE

View at NVD, CVE.org

Vulnerability category: Memory CorruptionDenial of service

Products affected by CVE-2017-7374

Linux » Linux Kernel
Versions from including (>=) 4.10 and before (<) 4.10.7
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 4.2 and before (<) 4.4.59
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 4.5 and before (<) 4.9.20
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions

Threat overview for CVE-2017-7374

Top countries where our scanners detected CVE-2017-7374

Top open port discovered on systems with this issue 49152

IPs affected by CVE-2017-7374 580

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2017-7374!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2017-7374

EPSS FAQ

0.35%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 57 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2017-7374

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	1.8	5.9	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2017-7374

CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

Assigned by: nvd@nist.gov (Primary)
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2017-7374

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1b53cf9815bb4744958d41f3795d5d5a1d365e2d

kernel/git/torvalds/linux.git - Linux kernel source tree
Patch;Third Party Advisory
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.7

Release Notes;Vendor Advisory
http://www.securityfocus.com/bid/97308

Linux Kernel CVE-2017-7374 Local Denial of Service Vulnerability
Third Party Advisory;VDB Entry
https://source.android.com/security/bulletin/2017-10-01

Android Security Bulletin—October 2017 | Android Open Source Project
Third Party Advisory

CVEs referencing this url
https://github.com/torvalds/linux/commit/1b53cf9815bb4744958d41f3795d5d5a1d365e2d

fscrypt: remove broken support for detecting keyring key revocation · torvalds/linux@1b53cf9 · GitHub
Patch;Third Party Advisory