Revision history [back]
 | 1 | initial version | posted 2017-07-06 15:43:46 +0200  |
do not inherit ipv6_mc_list from parent in kernel-net-ipv6 CVE-2017-9077 remote
Description
The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. CVSS v3 Base Score: 7.8 High local
related to CVE-2017-8890
Patch available upstream.
Files affected: kernel-adaptation-sbj-3.4.108.20161101.1/net/dccp/ipv6.c lines 499-503; 575-580
kernel-adaptation-sbj-3.4.108.20161101.1/net/ipv6/tcp_ipv6.c lines 1277-1282; 1344-1349
| | 2 | No.2 Revision |
do not inherit ipv6_mc_list from parent in kernel-net-ipv6 CVE-2017-9077 remoteCVE-2017-9077
Description
The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. CVSS v3 Base Score: 7.8 High local
related to CVE-2017-8890
Patch available upstream.
Files affected: kernel-adaptation-sbj-3.4.108.20161101.1/net/dccp/ipv6.c lines 499-503; 575-580
kernel-adaptation-sbj-3.4.108.20161101.1/net/ipv6/tcp_ipv6.c lines 1277-1282; 1344-1349
| | 3 | No.3 Revision |
do not inherit ipv6_mc_list from parent in kernel-net-ipv6 CVE-2017-9077CVE-2017-9077 and do not inherit ipv6_{mc|ac|fl}_list from parent in kernel-net-sctp CVE-2017-9075
Description
The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. CVSS v3 Base Score: 7.8 High local
Description
The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. CVSS v3 Base Score: 7.8 High local
related to CVE-2017-8890
Patch available upstream.upstream.
Patch for CVE-2017-9075 available upstream and for kernel-3.2 (both equal, so suitable for our kernel-3.4 too)
Files affected: kernel-adaptation-sbj-3.4.108.20161101.1/net/dccp/ipv6.c lines 499-503; 575-580
kernel-adaptation-sbj-3.4.108.20161101.1/net/ipv6/tcp_ipv6.c lines 1277-1282; 1344-13491344-1349
kernel-adaptation-sbj-3.4.108.20161101.1/net/sctp/ipv6.c lines 651-654
| | 4 | No.4 Revision |
do not inherit ipv6_mc_list from parent in kernel-net-ipv6 CVE-2017-9077 and do not inherit ipv6_{mc|ac|fl}_list from parent in kernel-net-sctp CVE-2017-9075CVE-2017-9075 and do not inherit ipv6_mc_list from parent in kernel-ipv6-dccp CVE-2017-9076
Description
The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. CVSS v3 Base Score: 7.8 High local
Description
The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. CVSS v3 Base Score: 7.8 High local
Description
The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls.
related to CVE-2017-8890
Patch available upstream. Patch for CVE-2017-9075 available upstream and for kernel-3.2 (both equal, so suitable for our kernel-3.4 too)
Patch for CVE-2017-9076 available upstream and for kernel-3.2 (both equal, so suitable for our kernel-3.4 too)
Files affected: kernel-adaptation-sbj-3.4.108.20161101.1/net/dccp/ipv6.c lines 499-503; 575-580
kernel-adaptation-sbj-3.4.108.20161101.1/net/ipv6/tcp_ipv6.c lines 1277-1282; 1344-1349
kernel-adaptation-sbj-3.4.108.20161101.1/net/sctp/ipv6.c lines 651-654