Vulnerability Details : CVE-2017-12190
The bio_map_user_iov and bio_unmap_user functions in block/bio.c in the Linux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bio_add_pc_page function merges them into one, but the page reference is never dropped. This causes a memory leak and possible system lockup (exploitable against the host OS by a guest OS user, if a SCSI disk is passed through to a virtual machine) due to an out-of-memory condition.
Products affected by CVE-2017-12190
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-12190
0.06%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 26 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-12190
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.9
|
MEDIUM | AV:L/AC:L/Au:N/C:N/I:N/A:C |
3.9
|
6.9
|
NIST | |
6.5
|
MEDIUM | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H |
2.0
|
4.0
|
NIST |
CWE ids for CVE-2017-12190
-
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.Assigned by: secalert@redhat.com (Primary)
-
The product does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed.Assigned by: nvd@nist.gov (Secondary)
References for CVE-2017-12190
-
https://github.com/torvalds/linux/commit/95d78c28b5a85bacbc29b8dba7c04babb9b0d467
fix unbalanced page refcounting in bio_map_user_iov · torvalds/linux@95d78c2 · GitHubIssue Tracking;Patch;Third Party Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=1495089
1495089 – (CVE-2017-12190) CVE-2017-12190 kernel: memory leak when merging buffers in SCSI IO vectorsIssue Tracking;Patch;Third Party Advisory
-
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.8
Issue Tracking;Third Party Advisory
-
https://support.f5.com/csp/article/K93472064?utm_source=f5support&%3Butm_medium=RSS
Linux kernel vulnerability CVE-2017-12190
-
https://access.redhat.com/errata/RHSA-2019:1170
RHSA-2019:1170 - Security Advisory - Red Hat Customer Portal
-
https://access.redhat.com/errata/RHSA-2018:1854
RHSA-2018:1854 - Security Advisory - Red Hat Customer Portal
-
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=95d78c28b5a85bacbc29b8dba7c04babb9b0d467
kernel/git/torvalds/linux.git - Linux kernel source treeIssue Tracking;Patch;Vendor Advisory
-
https://usn.ubuntu.com/3583-1/
USN-3583-1: Linux kernel vulnerabilities | Ubuntu security notices
-
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2b04e8f6bbb196cab4b232af0f8d48ff2c7a8058
kernel/git/torvalds/linux.git - Linux kernel source treeIssue Tracking;Patch;Vendor Advisory
-
https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html
[SECURITY] [DLA 1200-1] linux security update
-
https://access.redhat.com/errata/RHSA-2018:0676
RHSA-2018:0676 - Security Advisory - Red Hat Customer Portal
-
http://www.securityfocus.com/bid/101911
Linux kernel 'block/bio.c' Multiple Local Information Disclosure VulnerabilitiesIssue Tracking;Third Party Advisory;VDB Entry
-
https://access.redhat.com/errata/RHSA-2018:1062
RHSA-2018:1062 - Security Advisory - Red Hat Customer Portal
-
https://github.com/torvalds/linux/commit/2b04e8f6bbb196cab4b232af0f8d48ff2c7a8058
more bio_map_user_iov() leak fixes · torvalds/linux@2b04e8f · GitHubIssue Tracking;Patch;Third Party Advisory
-
https://usn.ubuntu.com/3582-2/
USN-3582-2: Linux kernel (Xenial HWE) vulnerabilities | Ubuntu security notices
-
http://seclists.org/oss-sec/2017/q4/52
oss-sec: CVE-2017-12190: Linux kernel: block: memory leak when merging small consecutive buffers in SCSI IO vectorsIssue Tracking;Mailing List;Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2018:0654
RHSA-2018:0654 - Security Advisory - Red Hat Customer Portal
-
https://usn.ubuntu.com/3582-1/
USN-3582-1: Linux kernel vulnerabilities | Ubuntu security notices
-
https://usn.ubuntu.com/3583-2/
USN-3583-2: Linux kernel (Trusty HWE) vulnerabilities | Ubuntu security notices
-
https://access.redhat.com/errata/RHSA-2019:1190
RHSA-2019:1190 - Security Advisory - Red Hat Customer Portal
Jump to