CVE-2017-11600
Published: Jul 24, 2017
Modified: Aug 5, 2024
PUBLISHED
Description
net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local users to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink message.
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | affected n/a |
References
| Reference | Tags |
|---|---|
| RHSA-2018:2003 | vendor-advisory, x_refsource_REDHAT |
| SUSE-SU-2018:0011 | vendor-advisory, x_refsource_SUSE |
| RHSA-2018:1965 | vendor-advisory, x_refsource_REDHAT |
| 99928 | vdb-entry, x_refsource_BID |
| DSA-3981 | vendor-advisory, x_refsource_DEBIAN |
| https://source.android.com/security/bulletin/pixel/2017-11-01 | x_refsource_CONFIRM |
| http://seclists.org/bugtraq/2017/Jul/30 | x_refsource_MISC |
| RHSA-2019:1170 | vendor-advisory, x_refsource_REDHAT |
| RHSA-2019:1190 | vendor-advisory, x_refsource_REDHAT |