CVE-2017-18017

CWE-416Use After FreeCWE-119Buffer Overflow10 documents8 sources
Severity
9.8CRITICAL
EPSS
34.3%
top 3.02%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
28
Linux Linux KernelF5 ARXArista EOS+25 more
Timeline
PublishedJan 3
Latest updateApr 30

Description

The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages22 packages

NVDlinux/linux_kernel3.23.2.99+7
Debianlinux< 4.11.6-1+3

Also affects: Debian Linux 7.0, 8.0, Ubuntu Linux 12.04, 14.04, Enterprise Linux 7.3, 7.4, 7.6, 7.7, 7

Patches

Patch: git.kernel.orgPatch: patchwork.ozlabs.orgPatch: github.com

🔴Vulnerability Details

3
GHSA
GHSA-3fj5-q6p4-25m2: The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS2022-04-30
OSV
CVE-2017-18017: The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS2018-01-03
CVEList
CVE-2017-18017: The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS2018-01-03

📋Vendor Advisories

4
Ubuntu
Linux kernel vulnerabilities2018-02-23
Ubuntu
Linux kernel (Trusty HWE) vulnerabilities2018-02-23
Red Hat
kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c2018-01-03
Debian
CVE-2017-18017: linux - The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kern...2017

💬Community

2
Bugzilla
CVE-2017-18017 kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c2018-01-04
Bugzilla
CVE-2017-18017 kernel: netfilter: User-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c [fedora-all]2018-01-04