cbcvebase.
CVE-2017-11176
published 2017-07-11

CVE-2017-11176: The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a…

PriorityP342high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EXPLOIT
EPSS
3.63%
88.1th percentile
The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact.

Affected

17 ranges
VendorProductVersion rangeFixed in
debiandebian_linux
debiandebian_linux
debianlinux< linux 4.11.11-1 (bookworm)linux 4.11.11-1 (bookworm)
linuxlinux_kernel< 3.2.923.2.92
linuxlinux_kernel>= 0 < 4.11.11-14.11.11-1
linuxlinux_kernel>= 0 < 4.11.11-14.11.11-1
linuxlinux_kernel>= 0 < 4.11.11-14.11.11-1
linuxlinux_kernel>= 0 < 4.11.11-14.11.11-1
linuxlinux_kernel>= 0 < 3.13.0-135.1843.13.0-135.184
linuxlinux_kernel>= 0 < 4.4.0-93.1164.4.0-93.116
linuxlinux_kernel>= 3.17 < 3.18.613.18.61
linuxlinux_kernel>= 3.19 < 4.1.434.1.43
linuxlinux_kernel>= 3.3 < 3.16.473.16.47
linuxlinux_kernel>= 4.10 < 4.11.114.11.11
linuxlinux_kernel>= 4.12 < 4.12.24.12.2
linuxlinux_kernel>= 4.2 < 4.4.774.4.77
linuxlinux_kernel>= 4.5 < 4.9.384.9.38

CVSS provenance

nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
osv7.8HIGH
vendor_debian7.8HIGH
vendor_redhat7.8HIGH
vendor_ubuntu7.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.