Severity
7.5 HIGH (NVD)
EPSS
3.7%
top 12.10%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: Jul 27
Latest update: May 13

Description

It was found that the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation before 2.6.22.17 used the IPv4-only inet_sk_rebuild_header() function for both IPv4 and IPv6 DCCP connections, which could result in memory corruptions. A remote attacker could use this flaw to crash the system.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 | Impact: 3.6

Affected Packages
6 packages

NVD: linux/linux_kernel < 2.6.22.17
Ubuntu: linux/linux_kernel < 3.11.0-12.19+1
CVEListV5: linux/kernel 2.6.22.17

Also affects: Enterprise Linux 5.6, 5.9

Patches

🔴 Vulnerability Details

3
GHSA
GHSA-qmpj-vx37-329m: It was found that the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation before 2 | 2022-05-13
OSV
CVE-2017-2634: It was found that the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation before 2 | 2018-07-27
CVEList
CVE-2017-2634: It was found that the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation before 2 | 2018-07-27

📋 Vendor Advisories

2
Red Hat
kernel: dccp: crash while sending ipv6 reset packet | 2017-02-24
Debian
CVE-2017-2634: linux - It was found that the Linux kernel's Datagram Congestion Control Protocol (DCCP)... | 2017

💬 Community

1
Bugzilla
CVE-2017-2634 kernel: dccp: crash while sending ipv6 reset packet | 2017-02-19
CVE-2017-2634 — NULL Pointer Dereference in Kernel | cvebase