CVE-2017-17806

Published: Dic 20, 2017 Last Modified: Apr 20, 2025 EU-VD ID: EUVD-2017-8957 Aliases: GSD-2017-17806
ExploitDB:
Other exploit source:
Google Dorks:
HIGH 7,8
Source: [email protected]
Attack Vector: local
Attack Complexity: low
Privileges Required: low
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high
HIGH 7,2
Source: [email protected]
Access Vector: local
Access Complexity: low
Authentication: none
Confidentiality: complete
Integrity: complete
Availability: complete

Description

AI Translation Available

The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel stack buffer overflow by executing a crafted sequence of system calls that encounter a missing SHA-3 initialization.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0003
Percentile
0,1th
Updated

EPSS Score Trend (Last 90 Days)

787

Out-of-bounds Write

Draft
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Integrity Availability Other
Potential Impacts:
Modify Memory Execute Unauthorized Code Or Commands Dos: Crash, Exit, Or Restart Unexpected State
Applicable Platforms
Languages: Assembly, C, C++, Memory-Unsafe
Technologies: ICS/OT
Likelihood of Exploit: High
View CWE Details
Operating System

Leap by Opensuse

Product Information
Vendor Opensuse
Product Leap
Version 42.2
cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Kernel by Linux

Product Information
Vendor Linux
Product Linux Kernel
Version Range Affected
From 4.10 (inclusive)
To 4.14.8 (exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Kernel by Linux

Product Information
Vendor Linux
Product Linux Kernel
Version Range Affected
To 3.2.97 (exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Enterprise Server For Raspberry Pi by Suse

Product Information
Vendor Suse
Product Linux Enterprise Server For Raspberry Pi
Version 12
cpe:2.3:o:suse:linux_enterprise_server_for_raspberry_pi:12:sp2:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Enterprise Server by Suse

Product Information
Vendor Suse
Product Linux Enterprise Server
Version 11
cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Enterprise Desktop by Suse

Product Information
Vendor Suse
Product Linux Enterprise Desktop
Version 12
cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Enterprise Server by Suse

Product Information
Vendor Suse
Product Linux Enterprise Server
Version 12
cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Ubuntu Linux by Canonical

Product Information
Vendor Canonical
Product Ubuntu Linux
Version 16.04
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Ubuntu Linux by Canonical

Product Information
Vendor Canonical
Product Ubuntu Linux
Version 14.04
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Ubuntu Linux by Canonical

Product Information
Vendor Canonical
Product Ubuntu Linux
Version 17.10
cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Kernel by Linux

Product Information
Vendor Linux
Product Linux Kernel
Version Range Affected
From 4.5 (inclusive)
To 4.9.71 (exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Enterprise Server by Suse

Product Information
Vendor Suse
Product Linux Enterprise Server
Version 11
cpe:2.3:o:suse:linux_enterprise_server:11:extra:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Kernel by Linux

Product Information
Vendor Linux
Product Linux Kernel
Version Range Affected
From 3.3 (inclusive)
To 3.16.52 (exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Kernel by Linux

Product Information
Vendor Linux
Product Linux Kernel
Version Range Affected
From 3.17 (inclusive)
To 3.18.89 (exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Debian Linux by Debian

Product Information
Vendor Debian
Product Debian Linux
Version 8.0
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Enterprise Desktop by Suse

Product Information
Vendor Suse
Product Linux Enterprise Desktop
Version 12
cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Ubuntu Linux by Canonical

Product Information
Vendor Canonical
Product Ubuntu Linux
Version 12.04
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Leap by Opensuse Project

Product Information
Vendor Opensuse Project
Product Leap
Version 42.3
cpe:2.3:o:opensuse_project:leap:42.3:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Debian Linux by Debian

Product Information
Vendor Debian
Product Debian Linux
Version 9.0
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Kernel by Linux

Product Information
Vendor Linux
Product Linux Kernel
Version Range Affected
From 4.2 (inclusive)
To 4.4.107 (exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Kernel by Linux

Product Information
Vendor Linux
Product Linux Kernel
Version Range Affected
From 3.19 (inclusive)
To 4.1.49 (exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Enterprise Server by Suse

Product Information
Vendor Suse
Product Linux Enterprise Server
Version 12
cpe:2.3:o:suse:linux_enterprise_server:12:sp2:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.…
Patch
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=af3ff…
http://lists.opensuse.org/opensuse-security-announce/2018-0…
Issue Tracking Patch Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html
http://lists.opensuse.org/opensuse-security-announce/2018-0…
Issue Tracking Patch Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html
http://lists.opensuse.org/opensuse-security-announce/2018-0…
Issue Tracking Patch Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2018-0…
Issue Tracking Patch Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html
http://lists.opensuse.org/opensuse-security-announce/2018-0…
Issue Tracking Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html
https://access.redhat.com/errata/RHSA-2018:2948
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2948
https://github.com/torvalds/linux/commit/af3ff8045bbf3e32f1…
Patch
https://github.com/torvalds/linux/commit/af3ff8045bbf3e32f1a448542e73abb4c8ceb6…
https://lists.debian.org/debian-lts-announce/2018/01/msg000…
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2018/01/msg00004.html
https://usn.ubuntu.com/3583-1/
Third Party Advisory
https://usn.ubuntu.com/3583-1/
https://usn.ubuntu.com/3583-2/
Third Party Advisory
https://usn.ubuntu.com/3583-2/
https://usn.ubuntu.com/3617-1/
Third Party Advisory
https://usn.ubuntu.com/3617-1/
https://usn.ubuntu.com/3617-2/
Third Party Advisory
https://usn.ubuntu.com/3617-2/
https://usn.ubuntu.com/3617-3/
Third Party Advisory
https://usn.ubuntu.com/3617-3/
https://usn.ubuntu.com/3619-1/
Third Party Advisory
https://usn.ubuntu.com/3619-1/
https://usn.ubuntu.com/3619-2/
Third Party Advisory
https://usn.ubuntu.com/3619-2/
https://usn.ubuntu.com/3632-1/
Third Party Advisory
https://usn.ubuntu.com/3632-1/
https://www.debian.org/security/2017/dsa-4073
Third Party Advisory
https://www.debian.org/security/2017/dsa-4073
https://www.debian.org/security/2018/dsa-4082
Third Party Advisory
https://www.debian.org/security/2018/dsa-4082
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14…
Issue Tracking Release Notes
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.8
http://www.securityfocus.com/bid/102293
Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/102293
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.…
Patch
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=af3ff…
http://lists.opensuse.org/opensuse-security-announce/2018-0…
Issue Tracking Patch Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html
http://lists.opensuse.org/opensuse-security-announce/2018-0…
Issue Tracking Patch Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html
http://lists.opensuse.org/opensuse-security-announce/2018-0…
Issue Tracking Patch Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2018-0…
Issue Tracking Patch Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html
http://lists.opensuse.org/opensuse-security-announce/2018-0…
Issue Tracking Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html
https://access.redhat.com/errata/RHSA-2018:2948
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2948
https://github.com/torvalds/linux/commit/af3ff8045bbf3e32f1…
Patch
https://github.com/torvalds/linux/commit/af3ff8045bbf3e32f1a448542e73abb4c8ceb6…
https://lists.debian.org/debian-lts-announce/2018/01/msg000…
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2018/01/msg00004.html
https://usn.ubuntu.com/3583-1/
Third Party Advisory
https://usn.ubuntu.com/3583-1/
https://usn.ubuntu.com/3583-2/
Third Party Advisory
https://usn.ubuntu.com/3583-2/
https://usn.ubuntu.com/3617-1/
Third Party Advisory
https://usn.ubuntu.com/3617-1/
https://usn.ubuntu.com/3617-2/
Third Party Advisory
https://usn.ubuntu.com/3617-2/
https://usn.ubuntu.com/3617-3/
Third Party Advisory
https://usn.ubuntu.com/3617-3/
https://usn.ubuntu.com/3619-1/
Third Party Advisory
https://usn.ubuntu.com/3619-1/
https://usn.ubuntu.com/3619-2/
Third Party Advisory
https://usn.ubuntu.com/3619-2/
https://usn.ubuntu.com/3632-1/
Third Party Advisory
https://usn.ubuntu.com/3632-1/
https://www.debian.org/security/2017/dsa-4073
Third Party Advisory
https://www.debian.org/security/2017/dsa-4073
https://www.debian.org/security/2018/dsa-4082
Third Party Advisory
https://www.debian.org/security/2018/dsa-4082
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14…
Issue Tracking Release Notes
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.8
http://www.securityfocus.com/bid/102293
Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/102293