Vulnerability Details : CVE-2017-18218
In drivers/net/ethernet/hisilicon/hns/hns_enet.c in the Linux kernel before 4.13, local users can cause a denial of service (use-after-free and BUG) or possibly have unspecified other impact by leveraging differences in skb handling between hns_nic_net_xmit_hw and hns_nic_net_xmit.
Vulnerability category: Memory CorruptionDenial of service
Products affected by CVE-2017-18218
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-18218
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-18218
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST | |
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2017-18218
-
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-18218
-
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=27463ad99f738ed93c7c8b3e2e5bc8c4853a2ff2
kernel/git/torvalds/linux.git - Linux kernel source treePatch;Vendor Advisory
-
https://www.debian.org/security/2018/dsa-4188
Debian -- Security Information -- DSA-4188-1 linuxThird Party Advisory
-
https://github.com/torvalds/linux/commit/27463ad99f738ed93c7c8b3e2e5bc8c4853a2ff2
net: hns: Fix a skb used after free bug · torvalds/linux@27463ad · GitHubPatch;Third Party Advisory
-
http://www.securityfocus.com/bid/103277
Linux Kernel 'drivers/net/ethernet/hisilicon/hns/hns_enet.c' Local Denial of Service VulnerabilityThird Party Advisory;VDB Entry
Jump to