Linux Kernel CVE-2017-7184 Local Privilege Escalation Vulnerability

by CIRT Team

Description: The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52.

Impact: Local attackers may exploit this issue to gain root privileges. Linux Kernel version 4.8 is vulnerable; other versions may also be affected.

Mitigation: Updates are available. Please check specific vendor advisory for more information.

Reference URL’s:

• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7184
• http://www.securityfocus.com/bid/97018/discuss
• http://securityaffairs.co/wordpress/57639/hacking/cve-2017-7184-patched-linux.html
• https://security-tracker.debian.org/tracker/CVE-2017-7184
• https://access.redhat.com/security/cve/cve-2017-7184

CIRT Team

Recommended Posts

Active Exploitation of Critical F5 BIG – IP Vulnerability (CVE–2023-46747) Uncovered in Bangladesh

06 Nov 2024 - Security Advisories & Alerts

Emerging Threat_Stealer Malware (Lumma C2) Campaign with fake CAPTCHA pages

08 Oct 2024 - Security Advisories & Alerts

Detection of Fog Ransomware Footprint in Cyber Space of Bangladesh

12 Sep 2024 - Security Advisories & Alerts