CVE-2017-15115Use After Free in Kernel

CWE-416Use After Free16 documents8 sources
Severity
7.8HIGHNVD
EPSS
0.0%
top 89.09%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Linux KernelCanonical Ubuntu LinuxDebian Linux+1 more
Timeline
PublishedNov 15
Latest updateMay 14

Description

The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via crafted system calls.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

NVDlinux/linux_kernel3.33.16.51+6
Debianlinux/linux_kernel< 4.13.13-1+3

Also affects: Debian Linux 7.0, Ubuntu Linux 12.04, 14.04, 16.04, 17.10

Patches

Patch: git.kernel.orgPatch: bugzilla.redhat.comPatch: github.com

🔴Vulnerability Details

4
GHSA
GHSA-chgx-7ppx-v6gh: The sctp_do_peeloff function in net/sctp/socket2022-05-14
OSV
linux-hwe, linux-azure, linux-gcp, linux-oem vulnerabilities2018-02-22
OSV
CVE-2017-15115: The sctp_do_peeloff function in net/sctp/socket2017-11-15
CVEList
CVE-2017-15115: The sctp_do_peeloff function in net/sctp/socket2017-11-15

📋Vendor Advisories

9
Ubuntu
Linux kernel (Raspberry Pi 2) vulnerabilities2018-02-23
Ubuntu
Linux kernel vulnerabilities2018-02-23
Ubuntu
Linux kernel (Trusty HWE) vulnerabilities2018-02-23
Ubuntu
Linux kernel vulnerabilities2018-02-22
Ubuntu
Linux kernel (HWE) vulnerabilities2018-02-22

💬Community

2
Bugzilla
CVE-2017-15115 kernel: use-after-free in sctp_cmp_addr_exact [fedora-all]2017-11-15
Bugzilla
CVE-2017-15115 kernel: use-after-free in sctp_cmp_addr_exact2017-11-15
CVE-2017-15115 — Use After Free in Linux Kernel | cvebase