#VU10680 Memory corruption in Linux kernel


Published: 2018-02-21

Vulnerability identifier: #VU10680

Vulnerability risk: Low

CVSSv3.1: 6.2 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-15129

CWE-ID: CWE-119

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description
The vulnerability allows a local unprivileged attacker to cause DoS condition no the target system.

The weakness exists due to the function get_net_ns_by_id() in net/core/net_namespace.c does not check for the net::count value after it has found a peer network in netns_ids idr. A local attacker can induce kernel memory corruption, trigger use-after-free and double free error in network namespaces code to cause the system to crash.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel: 4.14 - 4.14.10, 4.13 - 4.13.16, 4.12 - 4.12.14, 4.11 - 4.11.12, 4.10 - 4.10.17

External links
http://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=21b5944350052d2583e82d...

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Red Hat update for kernel
SUSE Linux update for the Linux Kernel
Red Hat update for kernel
Red Hat update for kernel-alt
Red Hat update for kernel-rt
SUSE Linux update for the Linux Kernel
SUSE Linux update for the Linux Kernel
OpenSUSE Linux update for the Linux Kernel
SUSE Linux update for the Linux Kernel