CVE-2017-14489
Published: 2017-09-15
Priority: P4 · 24 · medium · 5.5 (CVSS 3.0)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EXPLOIT
EPSS: 1.16% (63.1th percentile)
The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service (panic) by leveraging incorrect length validation.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | linux | < linux 4.12.13-1 (bookworm) | linux 4.12.13-1 (bookworm) |
| linux | linux_kernel | <= 4.13.2 | — |
| linux | linux_kernel | >= 0 < 4.12.13-1 | 4.12.13-1 |
| linux | linux_kernel | >= 0 < 4.12.13-1 | 4.12.13-1 |
| linux | linux_kernel | >= 0 < 4.12.13-1 | 4.12.13-1 |
| linux | linux_kernel | >= 0 < 4.12.13-1 | 4.12.13-1 |
| linux | linux_kernel | >= 0 < 3.13.0-142.191 | 3.13.0-142.191 |
| linux | linux_kernel | >= 0 < 4.4.0-98.121 | 4.4.0-98.121 |
CVSS provenance
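| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 5.5 | MEDIUM | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
| nvd | v2.0 | 4.9 | MEDIUM | AV:L/AC:L/Au:N/C:N/I:N/A:C |
| osv | — | 7.8 | HIGH | — |
| vendor_ubuntu | — | 7.8 | HIGH | — |
| vendor_debian | — | 5.5 | MEDIUM | — |
| vendor_redhat | — | 5.5 | MEDIUM | — |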
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2018-02-23·CVSS 7.8
CVE-2017-0750 [HIGH] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that an out-of-bounds write vulnerability existed in the
Flash-Friendly File System (f2fs) in the Linux kernel. An attacker could
construct a malicious file system that, when mounted, could cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2017-0750)
It was discovered that a race condition leading to a use-after-free
vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2017-0861)
It was discovered that the KVM implementation in the Linux kernel allowed
passthrough of the diagnostic I/O port 0x80. An attacke
Ubuntu
Linux kernel (Trusty HWE) vulnerabilities
vendor_ubuntu·2018-02-23·CVSS 7.8
CVE-2017-0750 [HIGH] Linux kernel (Trusty HWE) vulnerabilities
Title: Linux kernel (Trusty HWE) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
USN-3583-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu
12.04 ESM.
It was discovered that an out-of-bounds write vulnerability existed in the
Flash-Friendly File System (f2fs) in the Linux kernel. An attacker could
construct a malicious file system that, when mounted, could cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2017-0750)
It was discovered that a race condition leading to a use-after-free
vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A
local attacker could use this
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2017-11-21·CVSS 5.5
CVE-2017-1000255 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the KVM subsystem in the Linux kernel did not
properly keep track of nested levels in guest page tables. A local attacker
in a guest VM could use this to cause a denial of service (host OS crash)
or possibly execute arbitrary code in the host OS. (CVE-2017-12188)
It was discovered that on the PowerPC architecture, the kernel did not
properly sanitize the signal stack when handling sigreturn(). A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2017-1000255)
Bo Zhang discovered that the netlink wireless configuration interface in
the Linux kernel did not properly validate attributes when handling cer
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2017-10-31·CVSS 6.5
CVE-2017-10911 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Anthony Perard discovered that the Xen virtual block driver did not
properly initialize some data structures before passing them to user space.
A local attacker in a guest VM could use this to expose sensitive
information from the host OS or other guest VMs. (CVE-2017-10911)
Bo Zhang discovered that the netlink wireless configuration interface in
the Linux kernel did not properly validate attributes when handling certain
requests. A local attacker with the CAP_NET_ADMIN could use this to cause a
denial of service (system crash). (CVE-2017-12153)
It was discovered that the nested KVM implementation in the Linux
kernel in some situations did not properly prevent second level guests
from r
Ubuntu
Linux kernel (Xenial HWE) vulnerabilities
vendor_ubuntu·2017-10-31·CVSS 6.5
CVE-2017-10911 [MEDIUM] Linux kernel (Xenial HWE) vulnerabilities
Title: Linux kernel (Xenial HWE) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
USN-3469-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu
14.04 LTS.
Anthony Perard discovered that the Xen virtual block driver did not
properly initialize some data structures before passing them to user space.
A local attacker in a guest VM could use this to expose sensitive
information from the host OS or other guest VMs. (CVE-2017-10911)
Bo Zhang discovered that the netlink wireless configuration interface in
the Linux kernel did not properly validate attributes when handling certain
requests. A local attacker with the CAP_NET_
Red Hat
kernel: scsi: nlmsg is not properly parsed in iscsi_if_rx function
vendor_redhat·2017-08-27·CVSS 5.5
CVE-2017-14489 [MEDIUM] CWE-787 kernel: scsi: nlmsg is not properly parsed in iscsi_if_rx function
The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service (panic) by leveraging incorrect length validation.
The iscsi_if_rx() function in 'drivers/scsi/scsi_transport_iscsi.c' in the Linux kernel from v2.6.24-rc1 through 4.13.2 allows local users to cause a denial of service (a system panic) by making a number of certain syscalls by leveraging incorrect length validation in the kernel code.
Package: kernel (Red Hat Enterprise Linux 5) - Not affected
Package: kernel (Red Hat Enterprise Linux 6) - Will not fix
Package: kernel (Red Hat Enterprise Linux 7) - Will not fix
Package: kernel-alt (Red Hat Enterprise Linux 7) - Affected
Pa
Debian
CVE-2017-14489: linux - The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux ker...
vendor_debian·2017·CVSS 5.5
CVE-2017-14489 [MEDIUM] CVE-2017-14489: linux - The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux ker...
The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service (panic) by leveraging incorrect length validation.
Scope: local
bookworm: resolved (fixed in 4.12.13-1)
bullseye: resolved (fixed in 4.12.13-1)
forky: resolved (fixed in 4.12.13-1)
sid: resolved (fixed in 4.12.13-1)
trixie: resolved (fixed in 4.12.13-1)
GHSA
GHSA-9c72-6vp8-jx77: The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi
ghsa_unreviewed·2022-05-14
CVE-2017-14489 [MEDIUM] CWE-20 GHSA-9c72-6vp8-jx77: The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi
The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service (panic) by leveraging incorrect length validation.
OSV
linux vulnerabilities
osv·2018-02-23·CVSS 7.8
CVE-2017-0750 [HIGH] linux vulnerabilities
It was discovered that an out-of-bounds write vulnerability existed in the
Flash-Friendly File System (f2fs) in the Linux kernel. An attacker could
construct a malicious file system that, when mounted, could cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2017-0750)
It was discovered that a race condition leading to a use-after-free
vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2017-0861)
It was discovered that the KVM implementation in the Linux kernel allowed
passthrough of the diagnostic I/O port 0x80. An attacker in a guest VM
could use this to cause a denial of service (system crash) in th
OSV
linux-lts-xenial vulnerabilities
osv·2017-10-31·CVSS 6.5
[MEDIUM] linux-lts-xenial vulnerabilities
USN-3469-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu
14.04 LTS.
Anthony Perard discovered that the Xen virtual block driver did not
properly initialize some data structures before passing them to user space.
A local attacker in a guest VM could use this to expose sensitive
information from the host OS or other guest VMs. (CVE-2017-10911)
Bo Zhang discovered that the netlink wireless configuration interface in
the Linux kernel did not properly validate attributes when handling certain
requests. A local attacker with the CAP_NET_ADMIN could use this to cause a
denial of service (system crash). (CVE-2017-12153)
OSV
linux, linux-aws, linux-gke, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities
osv·2017-10-31·CVSS 6.5
CVE-2017-10911 [MEDIUM] linux, linux-aws, linux-gke, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities
Anthony Perard discovered that the Xen virtual block driver did not
properly initialize some data structures before passing them to user space.
A local attacker in a guest VM could use this to expose sensitive
information from the host OS or other guest VMs. (CVE-2017-10911)
Bo Zhang discovered that the netlink wireless configuration interface in
the Linux kernel did not properly validate attributes when handling certain
requests. A local attacker with the CAP_NET_ADMIN could use this to cause a
denial of service (system crash). (CVE-2017-12153)
It was discovered that the nested KVM implementation in the Linux
kernel in some situations did not properly prevent second level guests
from reading and writ
OSV
CVE-2017-14489: The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi
osv·2017-09-15·CVSS 5.5
CVE-2017-14489 [MEDIUM] CVE-2017-14489: The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi
The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service (panic) by leveraging incorrect length validation.
No detection rules found.
Bugzilla
CVE-2017-14489 kernel: scsi: nlmsg not properly parsed in iscsi_if_rx function [fedora-all]
bugzilla·2017-09-11·CVSS 5.5
CVE-2017-14489 [MEDIUM] CVE-2017-14489 kernel: scsi: nlmsg not properly parsed in iscsi_if_rx function [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supp
Bugzilla
CVE-2017-14489 kernel: scsi: nlmsg is not properly parsed in iscsi_if_rx function
bugzilla·2017-09-11·CVSS 5.5
CVE-2017-14489 [MEDIUM] CVE-2017-14489 kernel: scsi: nlmsg is not properly parsed in iscsi_if_rx function
The iscsi_if_rx() function in 'drivers/scsi/scsi_transport_iscsi.c' in the Linux kernel since v2.6.24-rc1 through 4.13.2 allows local users to cause a denial of service (a system panic) by making a number of certain syscalls by leveraging incorrect length validation in the kernel code.
References:
http://seclists.org/oss-sec/2017/q3/506
A proposed upstream patch:
https://patchwork.kernel.org/patch/9923803/
Discussion:
Acknowledgments:
Name: ChunYu Wang (Red Hat)
---
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 1490423]
---
This was fixed for Fedora with the 4.13.5 stable updates
http://www.debian.org/security/2017/dsa-3981
http://www.securityfocus.com/bid/101011
https://bugzilla.redhat.com/show_bug.cgi?id=1490421
https://patchwork.kernel.org/patch/9923803/
https://usn.ubuntu.com/3583-1/
https://usn.ubuntu.com/3583-2/
https://www.exploit-db.com/exploits/42932/
Published: 2017-09-15