CVE-2017-18551
First published: Sun Aug 18 2019(Updated: )
An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel before 4.14.15. There is an out of bounds write in the function i2c_smbus_xfer_emulated.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/kernel-rt | <0:3.10.0-1160.rt56.1131.el7 | 0:3.10.0-1160.rt56.1131.el7 |
| redhat/kernel-alt | <0:4.14.0-115.21.2.el7a | 0:4.14.0-115.21.2.el7a |
| redhat/kernel | <0:3.10.0-1160.el7 | 0:3.10.0-1160.el7 |
| redhat/kernel | <0:3.10.0-693.81.1.el7 | 0:3.10.0-693.81.1.el7 |
| redhat/kernel | <0:3.10.0-957.65.1.el7 | 0:3.10.0-957.65.1.el7 |
| redhat/kernel | <0:3.10.0-1062.40.1.el7 | 0:3.10.0-1062.40.1.el7 |
| Linux Kernel | <4.14.15 | |
| SUSE Linux | =15.0 | |
| SUSE Linux | =15.1 |
Remedy
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2017-18551 https://nvd.nist.gov/vuln/detail/CVE-2017-18551
- https://bugzilla.redhat.com/show_bug.cgi?id=1757368
- https://access.redhat.com/errata/RHSA-2020:4062
- https://access.redhat.com/errata/RHSA-2020:2104
- https://access.redhat.com/errata/RHSA-2020:4060
- https://access.redhat.com/errata/RHSA-2020:5430
- https://access.redhat.com/errata/RHSA-2020:5656
- https://access.redhat.com/errata/RHSA-2020:5206
- https://access.redhat.com/security/cve/cve-2017-18551
- http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html
- http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.15
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=89c6efa61f5709327ecfa24bff18e57a4e80c7fa
- https://support.f5.com/csp/article/K48073202?utm_source=f5support&utm_medium=RSS
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1757369
- https://support.f5.com/csp/article/K48073202?utm_source=f5support&%3Butm_medium=RSS
Parent vulnerabilities
(Appears in the following advisories)
Frequently Asked Questions
What is the severity of CVE-2017-18551?
CVE-2017-18551 has a moderate severity level due to the potential for out of bounds memory access.
How do I fix CVE-2017-18551?
To mitigate CVE-2017-18551, update to a patched version of the Linux kernel as specified in the vulnerability details.
Which versions of the Linux kernel are affected by CVE-2017-18551?
CVE-2017-18551 affects Linux kernel versions prior to 4.14.15.
Is CVE-2017-18551 specific to any Linux distribution?
Yes, CVE-2017-18551 impacts various distributions including Red Hat and openSUSE.
What component of the Linux kernel is affected by CVE-2017-18551?
CVE-2017-18551 affects the I2C subsystem, specifically the i2c_smbus_xfer_emulated function in the Linux kernel.
- collector/redhat-cve
- agent/type
- agent/first-publish-date
- agent/remedy
- agent/weakness
- agent/severity
- agent/author
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2017-18551
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/last-modified-date
- agent/event
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- package-manager/redhat
- vendor/linux
- canonical/linux kernel
- vendor/opensuse
- canonical/suse linux
- version/suse linux/15.0
- version/suse linux/15.1