CVE-2017-17805

Published: Dic 20, 2017 Last Modified: Apr 20, 2025 EU-VD ID: EUVD-2017-8956 Aliases: GSD-2017-17805
ExploitDB:
Other exploit source:
Google Dorks:
HIGH 7,8
Source: [email protected]
Attack Vector: local
Attack Complexity: low
Privileges Required: low
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high
HIGH 7,2
Source: [email protected]
Access Vector: local
Access Complexity: low
Authentication: none
Confidentiality: complete
Integrity: complete
Availability: complete

Description

AI Translation Available

The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and kernel crash) or have unspecified other impact by executing a crafted sequence of system calls that use the blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c) and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0005
Percentile
0,2th
Updated

EPSS Score Trend (Last 91 Days)

20

Improper Input Validation

Stable
Abstraction: Class Structure: Simple
Common Consequences
Security Scopes Affected:
Availability Confidentiality Integrity
Potential Impacts:
Dos: Crash, Exit, Or Restart Dos: Resource Consumption (Cpu) Dos: Resource Consumption (Memory) Read Memory Read Files Or Directories Modify Memory Execute Unauthorized Code Or Commands
Applicable Platforms
All platforms may be affected
Likelihood of Exploit: High
View CWE Details
Operating System

Leap by Opensuse

Product Information
Vendor Opensuse
Product Leap
Version 42.2
cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Kernel by Linux

Product Information
Vendor Linux
Product Linux Kernel
Version Range Affected
From 4.10 (inclusive)
To 4.14.8 (exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Enterprise Server For Raspberry Pi by Suse

Product Information
Vendor Suse
Product Linux Enterprise Server For Raspberry Pi
Version 12
cpe:2.3:o:suse:linux_enterprise_server_for_raspberry_pi:12:sp2:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Enterprise Server by Suse

Product Information
Vendor Suse
Product Linux Enterprise Server
Version 11
cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Enterprise Desktop by Suse

Product Information
Vendor Suse
Product Linux Enterprise Desktop
Version 12
cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Enterprise Server by Suse

Product Information
Vendor Suse
Product Linux Enterprise Server
Version 12
cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Ubuntu Linux by Canonical

Product Information
Vendor Canonical
Product Ubuntu Linux
Version 16.04
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Ubuntu Linux by Canonical

Product Information
Vendor Canonical
Product Ubuntu Linux
Version 14.04
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Ubuntu Linux by Canonical

Product Information
Vendor Canonical
Product Ubuntu Linux
Version 17.10
cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Kernel by Linux

Product Information
Vendor Linux
Product Linux Kernel
Version Range Affected
From 2.6.25 (inclusive)
To 3.2.97 (exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Kernel by Linux

Product Information
Vendor Linux
Product Linux Kernel
Version Range Affected
From 4.5 (inclusive)
To 4.9.71 (exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Enterprise Server by Suse

Product Information
Vendor Suse
Product Linux Enterprise Server
Version 11
cpe:2.3:o:suse:linux_enterprise_server:11:extra:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Kernel by Linux

Product Information
Vendor Linux
Product Linux Kernel
Version Range Affected
From 3.3 (inclusive)
To 3.16.52 (exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Kernel by Linux

Product Information
Vendor Linux
Product Linux Kernel
Version Range Affected
From 3.17 (inclusive)
To 3.18.89 (exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Debian Linux by Debian

Product Information
Vendor Debian
Product Debian Linux
Version 8.0
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Enterprise Desktop by Suse

Product Information
Vendor Suse
Product Linux Enterprise Desktop
Version 12
cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Ubuntu Linux by Canonical

Product Information
Vendor Canonical
Product Ubuntu Linux
Version 12.04
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Leap by Opensuse Project

Product Information
Vendor Opensuse Project
Product Leap
Version 42.3
cpe:2.3:o:opensuse_project:leap:42.3:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Debian Linux by Debian

Product Information
Vendor Debian
Product Debian Linux
Version 9.0
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Kernel by Linux

Product Information
Vendor Linux
Product Linux Kernel
Version Range Affected
From 4.2 (inclusive)
To 4.4.107 (exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Kernel by Linux

Product Information
Vendor Linux
Product Linux Kernel
Version Range Affected
From 3.19 (inclusive)
To 4.1.49 (exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Enterprise Server by Suse

Product Information
Vendor Suse
Product Linux Enterprise Server
Version 12
cpe:2.3:o:suse:linux_enterprise_server:12:sp2:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.…
Patch
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ecaaa…
http://lists.opensuse.org/opensuse-security-announce/2018-0…
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html
http://lists.opensuse.org/opensuse-security-announce/2018-0…
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html
http://lists.opensuse.org/opensuse-security-announce/2018-0…
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2018-0…
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html
http://lists.opensuse.org/opensuse-security-announce/2018-0…
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html
https://access.redhat.com/errata/RHSA-2018:2948
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2948
https://access.redhat.com/errata/RHSA-2018:3083
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3083
https://access.redhat.com/errata/RHSA-2018:3096
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3096
https://access.redhat.com/errata/RHSA-2019:2473
Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2473
https://github.com/torvalds/linux/commit/ecaaab5649781c5a0e…
Patch
https://github.com/torvalds/linux/commit/ecaaab5649781c5a0effdaf298a92506302050…
https://lists.debian.org/debian-lts-announce/2018/01/msg000…
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2018/01/msg00004.html
https://usn.ubuntu.com/3617-1/
Third Party Advisory
https://usn.ubuntu.com/3617-1/
https://usn.ubuntu.com/3617-2/
Third Party Advisory
https://usn.ubuntu.com/3617-2/
https://usn.ubuntu.com/3617-3/
Third Party Advisory
https://usn.ubuntu.com/3617-3/
https://usn.ubuntu.com/3619-1/
Third Party Advisory
https://usn.ubuntu.com/3619-1/
https://usn.ubuntu.com/3619-2/
Third Party Advisory
https://usn.ubuntu.com/3619-2/
https://usn.ubuntu.com/3620-1/
Third Party Advisory
https://usn.ubuntu.com/3620-1/
https://usn.ubuntu.com/3620-2/
Third Party Advisory
https://usn.ubuntu.com/3620-2/
https://usn.ubuntu.com/3632-1/
Third Party Advisory
https://usn.ubuntu.com/3632-1/
https://www.debian.org/security/2017/dsa-4073
Third Party Advisory
https://www.debian.org/security/2017/dsa-4073
https://www.debian.org/security/2018/dsa-4082
Third Party Advisory
https://www.debian.org/security/2018/dsa-4082
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14…
Issue Tracking Release Notes
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.8
http://www.securityfocus.com/bid/102291
Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/102291
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.…
Patch
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ecaaa…
http://lists.opensuse.org/opensuse-security-announce/2018-0…
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html
http://lists.opensuse.org/opensuse-security-announce/2018-0…
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html
http://lists.opensuse.org/opensuse-security-announce/2018-0…
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2018-0…
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html
http://lists.opensuse.org/opensuse-security-announce/2018-0…
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html
https://access.redhat.com/errata/RHSA-2018:2948
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2948
https://access.redhat.com/errata/RHSA-2018:3083
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3083
https://access.redhat.com/errata/RHSA-2018:3096
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3096
https://access.redhat.com/errata/RHSA-2019:2473
Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2473
https://github.com/torvalds/linux/commit/ecaaab5649781c5a0e…
Patch
https://github.com/torvalds/linux/commit/ecaaab5649781c5a0effdaf298a92506302050…
https://lists.debian.org/debian-lts-announce/2018/01/msg000…
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2018/01/msg00004.html
https://usn.ubuntu.com/3617-1/
Third Party Advisory
https://usn.ubuntu.com/3617-1/
https://usn.ubuntu.com/3617-2/
Third Party Advisory
https://usn.ubuntu.com/3617-2/
https://usn.ubuntu.com/3617-3/
Third Party Advisory
https://usn.ubuntu.com/3617-3/
https://usn.ubuntu.com/3619-1/
Third Party Advisory
https://usn.ubuntu.com/3619-1/
https://usn.ubuntu.com/3619-2/
Third Party Advisory
https://usn.ubuntu.com/3619-2/
https://usn.ubuntu.com/3620-1/
Third Party Advisory
https://usn.ubuntu.com/3620-1/
https://usn.ubuntu.com/3620-2/
Third Party Advisory
https://usn.ubuntu.com/3620-2/
https://usn.ubuntu.com/3632-1/
Third Party Advisory
https://usn.ubuntu.com/3632-1/
https://www.debian.org/security/2017/dsa-4073
Third Party Advisory
https://www.debian.org/security/2017/dsa-4073
https://www.debian.org/security/2018/dsa-4082
Third Party Advisory
https://www.debian.org/security/2018/dsa-4082
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14…
Issue Tracking Release Notes
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.8
http://www.securityfocus.com/bid/102291
Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/102291