First published: Tue Aug 13 2019
An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain circumstances. The issue can be triggered as root (e.g., inside a default LXC container or with the CAP_NET_ADMIN capability) or after namespace unsharing. This occurs because sk_type and protocol are not checked in the appropriate part of the ip6_mroute_* functions. NOTE: this affects Linux distributions that use 4.9.x longterm kernels before 4.9.187.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Linux Linux kernel | <3.16.72 | |
Linux Linux kernel | >=3.17, <4.4.187 | |
Linux Linux kernel | >=4.5, <4.9.187 | |
Linux Linux kernel | >=4.10, <4.11 | |
Canonical Ubuntu Linux | =16.04 | |
Debian Debian Linux | =8.0 | |
Debian Debian Linux | =9.0 | |
Debian Debian Linux | =10.0 | |
Google Android | | |
debian/linux | 5.10.223-1 5.10.226-1 6.1.115-1 6.1.119-1 6.11.10-1 6.12.5-1 |
The vulnerability ID for this issue is CVE-2017-18509.
CVE-2017-18509 has a severity level of high.
CVE-2017-18509 affects various versions of the Linux kernel, including linux-gcp, linux-gcp-edge, linux-gke-4.15, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge, linux-gke-5.0, linux-hwe, linux-hwe-edge, linux-kvm, linux-lts-trusty, linux-lts-xenial, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon, and Google Android.
An attacker can exploit CVE-2017-18509 by setting a specific socket option, which allows them to control a pointer in the kernel and potentially execute arbitrary code.
Patches are available to fix CVE-2017-18509. Refer to the relevant sources for more information and updates.