Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.8
CVSSv3

CVE-2017-17450

Published: 07/12/2017 Updated: 03/10/2019
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 409
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Linux Kernel

Vulnerability Summary

net/netfilter/xt_osf.c in the Linux kernel up to and including 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations, which allows local users to bypass intended access restrictions because the xt_osf_fingers data structure is shared across all net namespaces.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

Vendor Advisories

Debian Security Advisories: DSA-4073-1 linux -- security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2017-8824 Mohamed Ghannam discovered that the DCCP implementation did not correctly manage resources when a socket is disconnected and reconnected, potentially leading to a use-after-free ...
Amazon Linux AMI: ALAS-2018-944
Race condition in raw_sendmsg function allows denial-of-service or kernel addresses leakA flaw was found in the Linux kernel's implementation of raw_sendmsg allowing a local attacker to panic the kernel or possibly leak kernel addresses A local attacker, with the privilege of creating raw sockets, can abuse a possible race condition when setting t ...
Ubuntu Security Notice: linux-hwe, linux-gcp, linux-oem vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux-azure vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux-raspi2 vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux-lts-trusty vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux-lts-xenial, linux-aws vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities
Several security issues were fixed in the Linux kernel ...
Red Hat: CVE-2017-17450
net/netfilter/xt_osfc in the Linux kernel through 4144 does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations This allows local users to bypass intended access restrictions because the xt_osf_fingers data structure is shared across all network namespaces ...
Arch Linux Issues:
It has been discovered that net/netfilter/xt_osfc in the Linux kernel through 4144 does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations, which allows local users to bypass intended access restrictions because the xt_osf_fingers data structure is shared across all net namespaces ...

References

CWE-862https://lkml.org/lkml/2017/12/5/982http://www.securityfocus.com/bid/102110https://www.debian.org/security/2017/dsa-4073http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.htmlhttps://www.debian.org/security/2018/dsa-4082https://usn.ubuntu.com/3583-2/https://usn.ubuntu.com/3583-1/https://usn.ubuntu.com/3617-2/https://usn.ubuntu.com/3617-1/https://usn.ubuntu.com/3619-1/https://usn.ubuntu.com/3617-3/https://usn.ubuntu.com/3619-2/https://usn.ubuntu.com/3632-1/https://nvd.nist.govhttps://www.debian.org/security/./dsa-4073https://usn.ubuntu.com/3617-2/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race conditionCVE-2024-4249CVE-2024-4244CVE-2023-20198TCPCVE-2022-48648CVE-2022-48636CVE-2024-21345SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook