CVE-2017-18017

CVSS v3.1 9.8 (Critical)

CVSS v2.0 10 (High)

EPSS 95.38 % (99^th)

Affected Products 29

Advisories 20

NVD Status Analyzed

The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.

Weaknesses

CWE-416: Use After Free

CVE Status: PUBLISHED
NVD Status: Analyzed
CNA: MITRE
Published Date: 2018-01-03 06:29:00
(6 years ago)
Updated Date: 2024-04-24 13:40:09
(4 months ago)

Affected Products

Arista

Canonical

Ubuntu Linux

Debian

Debian Linux

F5

Redhat

Suse

Configuration #1

	CPE23	From	Up To
Linux Kernel from 3.2 version and prior 3.2.99 version	cpe:2.3:o:linux:linux_kernel	>= 3.2	< 3.2.99
Linux Kernel from 3.3 version and prior 3.10.108 version	cpe:2.3:o:linux:linux_kernel	>= 3.3	< 3.10.108
Linux Kernel from 3.11 version and prior 3.16.54 version	cpe:2.3:o:linux:linux_kernel	>= 3.11	< 3.16.54
Linux Kernel from 3.17 version and prior 3.18.60 version	cpe:2.3:o:linux:linux_kernel	>= 3.17	< 3.18.60
Linux Kernel from 3.19 version and prior 4.1.43 version	cpe:2.3:o:linux:linux_kernel	>= 3.19	< 4.1.43
Linux Kernel from 4.2 version and prior 4.4.76 version	cpe:2.3:o:linux:linux_kernel	>= 4.2	< 4.4.76
Linux Kernel from 4.5 version and prior 4.9.36 version	cpe:2.3:o:linux:linux_kernel	>= 4.5	< 4.9.36
Linux Kernel from 4.10 version and prior 4.11 version	cpe:2.3:o:linux:linux_kernel	>= 4.10	< 4.11

Configuration #2

		CPE23	From	Up To
	Debian Linux 7.0	cpe:2.3:o:debian:debian_linux:7.0
	Debian Linux 8.0	cpe:2.3:o:debian:debian_linux:8.0

Configuration #3

		CPE23	From	Up To
	Arista Eos 4.20.1fx-virtual-router	cpe:2.3:o:arista:eos:4.20.1fx-virtual-router

Configuration #4

		CPE23	From	Up To
	F5 Arx from 6.2.0 version and 6.4.0 and prior versions	cpe:2.3:a:f5:arx	>= 6.2.0	<= 6.4.0

Configuration #5

		CPE23	From	Up To
	Suse Caas Platform	cpe:2.3:a:suse:caas_platform
	Suse Linux Enterprise Debuginfo 11 SP3	cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3
	Suse Linux Enterprise Debuginfo 11 SP4	cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4
	Suse Linux Enterprise Module for Public Cloud 12	cpe:2.3:a:suse:linux_enterprise_module_for_public_cloud:12
	Suse Linux Enterprise Point Of Sale 11 SP3	cpe:2.3:a:suse:linux_enterprise_point_of_sale:11:sp3
	Suse Openstack Cloud 6	cpe:2.3:a:suse:openstack_cloud:6
	Opensuse Leap 42.3	cpe:2.3:o:opensuse:leap:42.3
	Suse Linux Enterprise Desktop 12 SP2	cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2
	Suse Linux Enterprise Desktop 12 SP3	cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3
	Suse Linux Enterprise High Availability 12 SP2	cpe:2.3:o:suse:linux_enterprise_high_availability:12:sp2
	Suse Linux Enterprise High Availability 12 SP3	cpe:2.3:o:suse:linux_enterprise_high_availability:12:sp3
	Suse Linux Enterprise High Availability Extension 11 SP4	cpe:2.3:o:suse:linux_enterprise_high_availability_extension:11:sp4
	Suse Linux Enterprise Live Patching 12	cpe:2.3:o:suse:linux_enterprise_live_patching:12:-
	Suse Linux Enterprise Live Patching 12 SP3	cpe:2.3:o:suse:linux_enterprise_live_patching:12:sp3
	Suse Linux Enterprise Real Time Extension 11 SP4	cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp4
	Suse Linux Enterprise Real Time Extension 12 SP2	cpe:2.3:o:suse:linux_enterprise_real_time_extension:12:sp2
	Suse Linux Enterprise Real Time Extension 12 SP3	cpe:2.3:o:suse:linux_enterprise_real_time_extension:12:sp3
	Suse Linux Enterprise Server 11 SP3	cpe:2.3:o:suse:linux_enterprise_server:11:sp3:::ltss
	Suse Linux Enterprise Server 11 SP4	cpe:2.3:o:suse:linux_enterprise_server:11:sp4
	Suse Linux Enterprise Server 12	cpe:2.3:o:suse:linux_enterprise_server:12:::*:ltss
	Suse Linux Enterprise Server 12 SP1 for Sap	cpe:2.3:o:suse:linux_enterprise_server:12:sp1:::*:sap
	Suse Linux Enterprise Server 12 SP1	cpe:2.3:o:suse:linux_enterprise_server:12:sp1:::ltss
	Suse Linux Enterprise Server 12 SP2	cpe:2.3:o:suse:linux_enterprise_server:12:sp2
	Suse Linux Enterprise Server 12 SP2 on Raspberry Pi	cpe:2.3:o:suse:linux_enterprise_server:12:sp2:::::raspberry_pi
	Suse Linux Enterprise Server 12 SP3 For	cpe:2.3:o:suse:linux_enterprise_server:12:sp3:::-:-
	Suse Linux Enterprise Software Development Kit 11 SP4	cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4
	Suse Linux Enterprise Software Development Kit 12 SP2	cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp2
	Suse Linux Enterprise Software Development Kit 12 SP3	cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp3
	Suse Linux Enterprise Workstation Extension 12 SP2	cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp2
	Suse Linux Enterprise Workstation Extension 12 SP3	cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp3

Configuration #6

		CPE23	From	Up To
	Openstack Cloud Magnum Orchestration 7	cpe:2.3:a:openstack:cloud_magnum_orchestration:7

Configuration #7

		CPE23	From	Up To
	Canonical Ubuntu Linux 12.04	cpe:2.3:o:canonical:ubuntu_linux:12.04:::*:-
	Canonical Ubuntu Linux 14.04	cpe:2.3:o:canonical:ubuntu_linux:14.04:::*:esm

Configuration #8

		CPE23	From	Up To
	Redhat Mrg Realtime 2.0	cpe:2.3:a:redhat:mrg_realtime:2.0
	Redhat Enterprise Linux Desktop 6.0	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0
	Redhat Enterprise Linux Desktop 7.0	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
	Redhat Enterprise Linux Eus 7.3	cpe:2.3:o:redhat:enterprise_linux_eus:7.3
	Redhat Enterprise Linux Eus 7.4	cpe:2.3:o:redhat:enterprise_linux_eus:7.4
	Redhat Enterprise Linux Eus 7.6	cpe:2.3:o:redhat:enterprise_linux_eus:7.6
	Redhat Enterprise Linux Eus 7.7	cpe:2.3:o:redhat:enterprise_linux_eus:7.7
	Redhat Enterprise Linux for Real Time 7	cpe:2.3:o:redhat:enterprise_linux_for_real_time:7
	Redhat Enterprise Linux for Real Time For Nfv 7	cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:7
	Redhat Enterprise Linux Server 6.0	cpe:2.3:o:redhat:enterprise_linux_server:6.0
	Redhat Enterprise Linux Server 7.0	cpe:2.3:o:redhat:enterprise_linux_server:7.0
	Redhat Enterprise Linux Server Aus 7.3	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3
	Redhat Enterprise Linux Server Aus 7.4	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4
	Redhat Enterprise Linux Server Aus 7.6	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6
	Redhat Enterprise Linux Server Aus 7.7	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7
	Redhat Enterprise Linux Server Tus 7.3	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3
	Redhat Enterprise Linux Server Tus 7.4	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4
	Redhat Enterprise Linux Server Tus 7.6	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6
	Redhat Enterprise Linux Server Tus 7.7	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7
	Redhat Enterprise Linux Workstation 6.0	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0
	Redhat Enterprise Linux Workstation 7.0	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0