Published: 10/04/2017 Updated: 14/02/2023

CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 694

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

crypto/ahash.c in the Linux kernel up to and including 4.10.9 allows malicious users to cause a denial of service (API operation calling its own callback, and infinite recursion) by triggering EBUSY on a full queue.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel

Infinite recursion in ahashc by triggering EBUSY on a full queue:A vulnerability was found in crypto/ahashc in the Linux kernel which allows attackers to cause a denial of service (API operation calling its own callback, and infinite recursion) by triggering EBUSY on a full queue(CVE-2017-7618) Time subsystem allows local users to discover real ...

Several security issues were fixed in the Linux kernel ...

A vulnerability was found in crypto/ahashc in the Linux kernel which allows attackers to cause a denial of service (API operation calling its own callback, and infinite recursion) by triggering EBUSY on a full queue ...

CWE-835 http://marc.info/?l=linux-crypto-vger&m=149181655623850&w=2 http://www.securityfocus.com/bid/97534 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03800en_us https://nvd.nist.gov https://alas.aws.amazon.com/ALAS-2017-828.html https://usn.ubuntu.com/3312-2/

CVE-2017-7618

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect