Vulnerability Details : CVE-2017-6964
dmcrypt-get-device, as shipped in the eject package of Debian and Ubuntu, does not check the return value of the (1) setuid or (2) setgid function, which might cause dmcrypt-get-device to execute code, which was intended to run as an unprivileged user, as root. This affects eject through 2.1.5+deb1+cvs20081104-13.1 on Debian, eject before 2.1.5+deb1+cvs20081104-13.1ubuntu0.16.10.1 on Ubuntu 16.10, eject before 2.1.5+deb1+cvs20081104-13.1ubuntu0.16.04.1 on Ubuntu 16.04 LTS, eject before 2.1.5+deb1+cvs20081104-13.1ubuntu0.14.04.1 on Ubuntu 14.04 LTS, and eject before 2.1.5+deb1+cvs20081104-9ubuntu0.1 on Ubuntu 12.04 LTS.
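The flaw is the classic unchecked-return pattern: a setuid-root helper calls setgid()/setuid() to become the invoking user, but if either call fails the process silently keeps root and everything that follows runs with full privilege. The following is an added illustration (not eject's code) of a privilege drop that checks both calls and verifies the outcome; the function names are assumptions.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Confirm that every user and group id now matches the target. Returns 1 if
 * the drop fully took effect, 0 otherwise. Hypothetical helper name. */
int privileges_dropped(uid_t uid, gid_t gid)
{
    return getuid() == uid && geteuid() == uid &&
           getgid() == gid && getegid() == gid;
}

/* Drop to (uid, gid), checking every step. Returns 0 on success, -1 on failure.
 * The vulnerable pattern behind CVE-2017-6964 is the same two calls with their
 * return values discarded: on failure the caller carries on as root.
 * Order matters: change the group first, because once the effective uid is no
 * longer 0, a later setgid() to a different group will fail. */
int drop_privileges(uid_t uid, gid_t gid)
{
    if (setgid(gid) != 0) {
        fprintf(stderr, "setgid(%lu) failed: %s\n",
                (unsigned long)gid, strerror(errno));
        return -1;
    }
    if (setuid(uid) != 0) {
        fprintf(stderr, "setuid(%lu) failed: %s\n",
                (unsigned long)uid, strerror(errno));
        return -1;
    }
    /* Belt and braces: verify the kernel switched every id, so a partial
     * drop cannot go unnoticed even if a call returned 0 unexpectedly. */
    if (!privileges_dropped(uid, gid)) {
        fprintf(stderr, "privilege drop did not take effect\n");
        return -1;
    }
    return 0;
}

int main(void)
{
    /* Drop to the real ids of the invoking user, as a setuid helper would. */
    if (drop_privileges(getuid(), getgid()) != 0)
        return 1;              /* refuse to continue with leftover privilege */
    printf("running as uid=%lu gid=%lu\n",
           (unsigned long)geteuid(), (unsigned long)getegid());
    return 0;
}
```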
Vulnerability category: Execute code
Products affected by CVE-2017-6964
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.10:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-6964
- EPSS score: 0.06% (probability of exploitation activity in the next 30 days)
- EPSS percentile: ~23% (the proportion of vulnerabilities scored at or below this)
CVSS scores for CVE-2017-6964
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2 | HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C | 3.9 | 10.0 | NIST | |
7.8 | HIGH | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 | NIST | |
7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 | NIST | 2024-01-21 |
CWE ids for CVE-2017-6964
- The product does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions. (Assigned by: nvd@nist.gov, Primary)
References for CVE-2017-6964
- https://launchpad.net/bugs/1673627 : Bug #1673627 “dmcrypt-get-device does not check the return value... : Bugs : eject package : Ubuntu (Issue Tracking; Third Party Advisory)
- https://www.ubuntu.com/usn/usn-3246-1/ : USN-3246-1: Eject vulnerability | Ubuntu security notices (Vendor Advisory)
- http://www.debian.org/security/2017/dsa-3823 : Debian -- Security Information -- DSA-3823-1 eject (Third Party Advisory)
- http://www.securityfocus.com/bid/97154 : Eject dmcrypt-get-device CVE-2017-6964 Local Code Execution Vulnerability (Broken Link; Third Party Advisory; VDB Entry)
- https://www.debian.org/security/2017/dsa-3823 : Debian -- Security Information -- DSA-3823-1 eject (Third Party Advisory)