CVE-2017-18509Improper Input Validation in Kernel

CWE-20Improper Input ValidationCWE-843Type Confusion13 documents9 sources
Severity
7.8HIGHNVD
EPSS
0.1%
top 78.17%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Linux KernelDebian LinuxCanonical Ubuntu Linux+2 more
Timeline
PublishedAug 13
Latest updateMar 14

Description

An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain circumstances. The issue can be triggered as root (e.g., inside a default LXC container or with the CAP_NET_ADMIN capability) or after namespace unsharing. This occurs because sk_type and protocol are not checked in the appro

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages5 packages

NVDlinux/linux_kernel3.174.4.187+3
Debianlinux/linux_kernel< 4.11.6-1+3
Ubuntulinux/linux_kernel< 4.4.0-165.193
debiandebian/linux< linux 4.11.6-1 (bookworm)

Also affects: Debian Linux 10.0, 8.0, 9.0, Ubuntu Linux 16.04

Patches

Patch: git.kernel.orgPatch: github.comPatch: git.kernel.org

🔴Vulnerability Details

4
GHSA
GHSA-32qx-4wxm-fcw8: An issue was discovered in net/ipv6/ip6mr2022-05-24
OSV
CVE-2017-18509: In ip6_mroute_setsockopt and related functions of ip6mr2021-02-01
OSV
linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities2019-10-01
OSV
CVE-2017-18509: An issue was discovered in net/ipv6/ip6mr2019-08-13

📋Vendor Advisories

5
CISA ICS
Siemens SIMATIC2024-03-14
Android
CVE-2017-18509: IPv6 multicast2021-02-01
Ubuntu
Linux kernel vulnerabilities2019-10-01
Red Hat
kernel: not checking sk_type and protocol in net/ipv6/ip6mr.c leads to general protection fault, or arbitrary code execution2019-08-20
Debian
CVE-2017-18509: linux - An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By ...2017

💬Community

3
Bugzilla
CVE-2017-18509 kernel: not checking sk_type and protocol in net/ipv6/ip6mr.c leads to general protection fault, or arbitrary code execution [fedora-all]2019-08-21
Bugzilla
CVE-2017-18509 kernel: not checking sk_type and protocol in net/ipv6/ip6mr.c leads to general protection fault, or arbitrary code execution [fedora-all]2019-08-21
Bugzilla
CVE-2017-18509 kernel: not checking sk_type and protocol in net/ipv6/ip6mr.c leads to general protection fault, or arbitrary code execution2019-08-20