CVE-2017-16939
published 2017-11-24


Priority: P347, high, 7.8 (CVSS 3.1)
Vector: AV:L / AC:L / PR:L / UI:N / S:U / C:H / I:H / A:H
EXPLOIT
EPSS: 2.15% (79.8th percentile)
The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages.

Affected

16 ranges
Vendor | Product | Version range | Fixed in
debian | debian_linux | |
debian | linux | < linux 4.13.13-1 (bookworm) | linux 4.13.13-1 (bookworm)
linux | linux_kernel | >= 0 < 4.13.13-1 | 4.13.13-1
linux | linux_kernel | >= 0 < 4.13.13-1 | 4.13.13-1
linux | linux_kernel | >= 0 < 4.13.13-1 | 4.13.13-1
linux | linux_kernel | >= 0 < 4.13.13-1 | 4.13.13-1
linux | linux_kernel | >= 0 < 3.13.0-137.186 | 3.13.0-137.186
linux | linux_kernel | >= 0 < 4.4.0-104.127 | 4.4.0-104.127
linux | linux_kernel | >= 0 < 4.4.0-103.126 | 4.4.0-103.126
linux | linux_kernel | >= 2.6.28 < 3.2.97 | 3.2.97
linux | linux_kernel | >= 3.17 < 3.18.86 | 3.18.86
linux | linux_kernel | >= 3.19 < 4.1.48 | 4.1.48
linux | linux_kernel | >= 3.3 < 3.16.52 | 3.16.52
linux | linux_kernel | >= 4.10 < 4.13.11 | 4.13.11
linux | linux_kernel | >= 4.2 < 4.4.104 | 4.4.104
linux | linux_kernel | >= 4.5 < 4.9.60 | 4.9.60

CVSS provenance

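Source | Version | Score | Severity | Vector
nvd | v3.1 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd | v2.0 | 7.2 | HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C
osv | | 7.8 | HIGH |
vendor_debian | | 7.8 | HIGH |
vendor_redhat | | 7.8 | HIGH |
vendor_ubuntu | | 7.0 | HIGH |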