First published: Wed Dec 20 2017(Updated: )
Last updated 29 November 2024
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/kernel | <4.14.8 | 4.14.8 |
Android | ||
Linux Kernel | <3.2.97 | |
Linux Kernel | >=3.3<3.16.52 | |
Linux Kernel | >=3.17<3.18.89 | |
Linux Kernel | >=3.19<4.1.49 | |
Linux Kernel | >=4.2<4.4.107 | |
Linux Kernel | >=4.5<4.9.71 | |
Linux Kernel | >=4.10<4.14.8 | |
Debian Linux | =8.0 | |
Debian Linux | =9.0 | |
SUSE Linux | =42.2 | |
openSUSE Leap | =42.3 | |
SUSE Linux Enterprise Desktop | =12-sp2 | |
SUSE Linux Enterprise Desktop | =12-sp3 | |
SUSE Linux Enterprise Server | =11-extra | |
SUSE Linux Enterprise Server | =11-sp4 | |
SUSE Linux Enterprise Server | =12-sp2 | |
SUSE Linux Enterprise Server | =12-sp3 | |
SUSE Linux Enterprise Server | =12-sp2 | |
Ubuntu | =12.04 | |
Ubuntu | =14.04 | |
Ubuntu | =16.04 | |
Ubuntu | =17.10 | |
debian/linux | 5.10.223-1 5.10.234-1 6.1.129-1 6.1.128-1 6.12.20-1 6.12.21-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-17806 is a high-severity vulnerability due to improper validation in the HMAC implementation of the Linux kernel.
To fix CVE-2017-17806, upgrade to Linux kernel version 4.14.8 or later.
CVE-2017-17806 affects Linux kernel versions prior to 4.14.8, including multiple versions within the range of 3.2 to 4.14.7.
No, CVE-2017-17806 requires local access for exploitation due to its nature of attacking the HMAC implementation.
Systems running Linux kernels prior to version 4.14.8, especially those in sensitive environments, should be prioritized for patching against CVE-2017-17806.