CVE-2017-17053
Publication date 29 November 2017
Last updated 24 July 2024
Ubuntu priority
Cvss 3 Severity Score
The init_new_context function in arch/x86/include/asm/mmu_context.h in the Linux kernel before 4.12.10 does not correctly handle errors from LDT table allocation when forking a new process, allowing a local attacker to achieve a use-after-free or possibly have unspecified other impact by running a specially crafted program. This vulnerability only affected kernels built with CONFIG_MODIFY_LDT_SYSCALL=y.
Status
Package | Ubuntu Release | Status |
---|---|---|
linux | 18.04 LTS bionic |
Not affected
|
16.04 LTS xenial |
Vulnerable, work in progress
|
|
14.04 LTS trusty |
Not affected
|
|
linux-armadaxp | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |
linux-aws | 18.04 LTS bionic |
Not affected
|
16.04 LTS xenial |
Vulnerable, work in progress
|
|
14.04 LTS trusty |
Vulnerable, work in progress
|
|
linux-azure | 18.04 LTS bionic |
Not affected
|
16.04 LTS xenial |
Fixed 4.13.0-1005.7
|
|
14.04 LTS trusty |
Not affected
|
|
linux-euclid | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Ignored | |
14.04 LTS trusty | Not in release | |
linux-flo | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Ignored | |
14.04 LTS trusty | Not in release | |
linux-gcp | 18.04 LTS bionic |
Not affected
|
16.04 LTS xenial |
Fixed 4.13.0-1002.5
|
|
14.04 LTS trusty | Not in release | |
linux-gke | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Ignored | |
14.04 LTS trusty | Not in release | |
linux-goldfish | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Ignored | |
14.04 LTS trusty | Not in release | |
linux-grouper | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |
linux-hwe | 18.04 LTS bionic |
Not affected
|
16.04 LTS xenial |
Fixed 4.13.0-26.29~16.04.2
|
|
14.04 LTS trusty | Not in release | |
linux-hwe-edge | 18.04 LTS bionic |
Fixed 4.18.0-8.9~18.04.1
|
16.04 LTS xenial |
Fixed 4.13.0-26.29~16.04.2
|
|
14.04 LTS trusty | Not in release | |
linux-kvm | 18.04 LTS bionic |
Not affected
|
16.04 LTS xenial |
Vulnerable, work in progress
|
|
14.04 LTS trusty | Not in release | |
linux-linaro-omap | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |
linux-linaro-shared | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |
linux-linaro-vexpress | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |
linux-lts-quantal | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |
linux-lts-raring | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |
linux-lts-saucy | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |
linux-lts-trusty | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |
linux-lts-utopic | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |
linux-lts-vivid | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Ignored | |
linux-lts-wily | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |
linux-lts-xenial | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty |
Vulnerable, work in progress
|
|
linux-maguro | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |
linux-mako | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Ignored | |
14.04 LTS trusty | Not in release | |
linux-manta | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |
linux-oem | 18.04 LTS bionic |
Not affected
|
16.04 LTS xenial |
Not affected
|
|
14.04 LTS trusty | Not in release | |
linux-qcm-msm | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |
linux-raspi2 | 18.04 LTS bionic |
Not affected
|
16.04 LTS xenial | Ignored | |
14.04 LTS trusty | Not in release | |
linux-snapdragon | 18.04 LTS bionic |
Not affected
|
16.04 LTS xenial | Ignored | |
14.04 LTS trusty | Not in release | |
linux-ti-omap4 | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release |
Severity score breakdown
Parameter | Value |
---|---|
Base score | 7.0 · High |
Attack vector | Local |
Attack complexity | High |
Privileges required | Low |
User interaction | None |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | High |
Availability impact | High |
Vector | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
References
Other references
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccd5b3235180eef3cfec337df1c8554ab151b5cc
- https://github.com/torvalds/linux/commit/ccd5b3235180eef3cfec337df1c8554ab151b5cc
- https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.10
- https://www.cve.org/CVERecord?id=CVE-2017-17053