Vulnerability Details : CVE-2017-9074
The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls.
Vulnerability category: Denial of service
Products affected by CVE-2017-9074
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-9074
0.07%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 19 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-9074
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST | |
|
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2017-9074
-
The product reads data past the end, or before the beginning, of the intended buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-9074
-
https://github.com/torvalds/linux/commit/2423496af35d94a87156b063ea5cedffc10a70a1
ipv6: Prevent overrun when parsing v6 header options · torvalds/linux@2423496 · GitHubPatch;Vendor Advisory
-
https://access.redhat.com/errata/RHSA-2018:0169
RHSA-2018:0169 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://www.debian.org/security/2017/dsa-3886
Debian -- Security Information -- DSA-3886-1 linuxThird Party Advisory
-
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2423496af35d94a87156b063ea5cedffc10a70a1
kernel/git/torvalds/linux.git - Linux kernel source treePatch;Vendor Advisory
-
http://www.securityfocus.com/bid/98577
Linux kernel CVE-2017-9074 Local Denial of Service VulnerabilityThird Party Advisory;VDB Entry
-
https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
Security fixes in StruxureWare Data Center Expert v7.6.0 - User assistance for StruxureWare Data Center Expert 7.x - Help Center: Support for EcoStruxure IT, StruxureWare for Data Centers, and NetBotzThird Party Advisory
-
https://access.redhat.com/errata/RHSA-2017:1842
RHSA-2017:1842 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://access.redhat.com/errata/RHSA-2017:2077
RHSA-2017:2077 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://access.redhat.com/errata/RHSA-2017:2669
RHSA-2017:2669 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://patchwork.ozlabs.org/patch/763117/
[net-next] ipv6: Prevent overrun when parsing v6 header options - PatchworkPatch;Third Party Advisory
Jump to