Published: 19/05/2017 Updated: 24/02/2023

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 641

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel up to and including 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel
debian debian linux 8.0
debian debian linux 9.0

Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) b ...

Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring S ...

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2017-7487 Li Qiang reported a reference counter leak in the ipxitf_ioctl function which may result into a use-after-free vulnerability, triggerable when a IPX interface is configured CVE ...

Module reference leak due to improper shut down of callback channel on umount:The NFSv4 implementation in the Linux kernel through 4111 allows local users to cause a denial of service (resource consumption) by leveraging improper channel callback shutdown when unmounting an NFSv4 filesystem, aka a "module reference and kernel daemon" leak (CVE-2 ...

The IPv6 DCCP implementation in the Linux kernel mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 An unprivileged local user could use this flaw to induce kernel memory corruption on the system, leading to a crash Due ...

Several security issues were fixed in the Linux kernel ...

NVD-CWE-noinfo https://patchwork.ozlabs.org/patch/760370/https://github.com/torvalds/linux/commit/83eaddab4378db256d00d295bda6ca997cd13a52 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=83eaddab4378db256d00d295bda6ca997cd13a52 http://www.securityfocus.com/bid/98586 https://source.android.com/security/bulletin/2017-09-01 http://www.debian.org/security/2017/dsa-3886 https://access.redhat.com/errata/RHSA-2017:2669 https://access.redhat.com/errata/RHSA-2017:2077 https://access.redhat.com/errata/RHSA-2017:1842 https://access.redhat.com/errata/RHSA-2018:1854 https://access.redhat.com/errata/RHSA-2018:1854 https://nvd.nist.gov https://usn.ubuntu.com/3344-1/https://www.debian.org/security/./dsa-3886

CVE-2017-9076

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect