CVE-2017-2647

CVSS V2 High 7.2 CVSS V3 High 7.8

Description

The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c.

Overview

CVE ID
CVE-2017-2647

Assigner
secalert@redhat.com

Vulnerability Status
Modified

Published Version
2017-03-31T04:59:00

Last Modified Date
2023-02-12T23:29:38

Weakness Enumerations

CWE	URL
CWE-476	http://cwe.mitre.org/data/definitions/476.html

CPE Configuration (Product)

CPE	Vulnerable	Operator	Version Start	Version End
cpe:2.3:o:linux:linux_kernel::::::::	1	OR		3.17.8

CVSS Version 2

Version
2.0

Vector String
AV:L/AC:L/Au:N/C:C/I:C/A:C

Access Vector
LOCAL

Access Compatibility
LOW

Authentication
NONE

Confidentiality Impact
COMPLETE

Integrity Impact
COMPLETE

Availability Impact
COMPLETE

Base Score
7.2

Severity
HIGH

Exploitability Score
3.9

Impact Score
10

CVSS Version 3

Version
3.0

Vector String
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector
LOCAL

Attack Compatibility
LOW

Privileges Required
LOW

User Interaction
NONE

Scope
UNCHANGED

Confidentiality Impact
HIGH

Availability Impact
HIGH

Base Score
7.8

Base Severity
HIGH

Exploitability Score
1.8

Impact Score
5.9

References

Reference URL	Reference Tags
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c06cfb08b88dfbe13be44a69ae2fdc3a7c902d81	Issue Tracking Patch Third Party Advisory
http://www.securityfocus.com/bid/97258	Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHSA-2017:1842
https://access.redhat.com/errata/RHSA-2017:2077
https://access.redhat.com/errata/RHSA-2017:2437
https://access.redhat.com/errata/RHSA-2017:2444
https://access.redhat.com/errata/RHSA-2020:3548
https://access.redhat.com/errata/RHSA-2020:3836
https://access.redhat.com/security/cve/CVE-2017-2647
https://bugzilla.redhat.com/show_bug.cgi?id=1428353	Issue Tracking Patch
https://github.com/torvalds/linux/commit/c06cfb08b88dfbe13be44a69ae2fdc3a7c902d81	Issue Tracking Patch Third Party Advisory
https://usn.ubuntu.com/3849-1/
https://usn.ubuntu.com/3849-2/

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2017-2647
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2647

History

Created	Old Value	New Value	Data Type	Notes
2022-05-10 17:48:16				Added to TrackCVE
2022-12-02 15:16:30	2017-03-31T04:59Z	2017-03-31T04:59:00	CVE Published Date	updated
2022-12-02 15:16:30		2019-01-15T11:29:00	CVE Modified Date	updated
2022-12-02 15:16:30		Modified	Vulnerability Status	updated
2023-02-02 23:06:05		2023-02-02T21:17:43	CVE Modified Date	updated
2023-02-02 23:06:05	The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c.	A flaw was found that can be triggered in keyring_search_iterator in keyring.c if type->match is NULL. A local user could use this flaw to crash the system or, potentially, escalate their privileges.	Description	updated
2023-02-02 23:06:06			References	updated
2023-02-13 00:06:14		2023-02-12T23:29:38	CVE Modified Date	updated
2023-02-13 00:06:14	A flaw was found that can be triggered in keyring_search_iterator in keyring.c if type->match is NULL. A local user could use this flaw to crash the system or, potentially, escalate their privileges.	The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c.	Description	updated