Back to search
CVE-2017-12153
Published: Sep 21, 2017
Modified: Aug 5, 2024
PUBLISHED
Description
A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash.
| Vendor | Product | Versions |
|---|---|---|
n/a | kernel since v3.1-rc1 through v4.13 | affected kernel since v3.1-rc1 through v4.13 |
Weaknesses (CWE)
References
https://bugzilla.novell.com/show_bug.cgi?id=1058410
x_refsource_CONFIRM
USN-3583-2
vendor-advisory
x_refsource_UBUNTU
100855
vdb-entry
x_refsource_BID
DSA-3981
vendor-advisory
x_refsource_DEBIAN
USN-3583-1
vendor-advisory
x_refsource_UBUNTU
http://seclists.org/oss-sec/2017/q3/437
x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=1491046
x_refsource_CONFIRM
https://marc.info/?t=150525503100001&r=1&w=2
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now