Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
170
VMScore

CVE-2017-18203

Published: 27/02/2018 Updated: 20/06/2018
CVSS v2 Base Score: 1.9 | Impact Score: 2.9 | Exploitability Score: 3.4
CVSS v3 Base Score: 4.7 | Impact Score: 3.6 | Exploitability Score: 1
VMScore: 170
Vector: AV:L/AC:M/Au:N/C:N/I:N/A:P
Subscribe to Linux Kernel

Vulnerability Summary

The dm_get_from_kobject function in drivers/md/dm.c in the Linux kernel prior to 4.14.3 allow local users to cause a denial of service (BUG) by leveraging a race condition with __dm_destroy during creation and removal of DM devices.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

Vendor Advisories

Red Hat: Important: kernel-alt security, bug fix, and enhancement update
Synopsis Important: kernel-alt security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update for kernel-alt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability S ...
Red Hat: Important: kernel-rt security, bug fix, and enhancement update
Synopsis Important: kernel-rt security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Sco ...
Red Hat: Important: kernel security, bug fix, and enhancement update
Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring S ...
Red Hat: Important: kernel security and bug fix update
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) b ...
Debian Security Advisories: DSA-4187-1 linux -- security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2015-9016 Ming Lei reported a race condition in the multiqueue block layer (blk-mq) On a system with a driver using blk-mq (mtip32xx, null_blk, or virtio_blk), a local user might be able ...
Ubuntu Security Notice: linux-raspi2 vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux-lts-trusty vulnerabilities
Several security issues were addressed in the Linux kernel ...
Ubuntu Security Notice: linux-lts-xenial, linux-aws vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux-hwe, linux-azure, linux-gcp, linux-oem vulnerabilities
Several security issues were addressed in the Linux kernel ...
Ubuntu Security Notice: linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux vulnerabilities
Several security issues were addressed in the Linux kernel ...
Ubuntu Security Notice: linux vulnerabilities
Several security issues were addressed in the Linux kernel ...
Red Hat: CVE-2017-18203
The Linux kernel, before version 4143, is vulnerable to a denial of service in drivers/md/dmc:dm_get_from_kobject() which can be caused by local users leveraging a race condition with __dm_destroy() during creation and removal of DM devices Only privileged local users (with CAP_SYS_ADMIN capability) can directly perform the ioctl operations for ...

References

CWE-362https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.3https://github.com/torvalds/linux/commit/b9a41d21dceadf8104812626ef85dc56ee8a60edhttp://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b9a41d21dceadf8104812626ef85dc56ee8a60edhttp://www.securityfocus.com/bid/103184https://usn.ubuntu.com/3619-1/https://usn.ubuntu.com/3619-2/https://access.redhat.com/errata/RHSA-2018:1062https://access.redhat.com/errata/RHSA-2018:0676https://www.debian.org/security/2018/dsa-4187https://lists.debian.org/debian-lts-announce/2018/05/msg00000.htmlhttps://usn.ubuntu.com/3655-2/https://usn.ubuntu.com/3653-2/https://usn.ubuntu.com/3653-1/https://usn.ubuntu.com/3657-1/https://usn.ubuntu.com/3655-1/https://access.redhat.com/errata/RHSA-2018:1854https://access.redhat.com/errata/RHSA-2019:4154https://nvd.nist.govhttps://access.redhat.com/errata/RHSA-2019:4154https://usn.ubuntu.com/3657-1/https://www.debian.org/security/./dsa-4187
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977IMAPlocal usersCVE-2024-32038CVE-2023-49963CVE-2023-22869CVE-2024-31497localCVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook