CVE-2017-2647

CVSS v3.0 7.8 (High)

CVSS v2.0 7.2 (High)

EPSS 0.04 % (5^th)

Affected Products 1

Advisories 14

The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c.

Weaknesses

CWE-476: NULL Pointer Dereference

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2017-03-31 04:59:00
(7 years ago)
Updated Date: 2023-02-12 23:29:38
(19 months ago)

Affected Products

Linux

Linux Kernel

Configuration #1

		CPE23	From	Up To
	Linux Kernel 3.17.8 and prior versions	cpe:2.3:o:linux:linux_kernel		<= 3.17.8