Home

CVE-2017-8890

Description

The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.574

Associated Vulnerability

VulnerabilityOS Platform
Linux kernel (USN-3324-1) linux-image-generic_4.10.0.24.26_i386.debLinux
Linux kernel (USN-3324-1) linux-image-generic_4.10.0.24.26_amd64.debLinux
Linux kernel (USN-3324-1) linux-image-lowlatency_4.10.0.24.26_i386.debLinux
Linux kernel (USN-3324-1) linux-image-lowlatency_4.10.0.24.26_amd64.debLinux
Linux kernel (USN-3324-1) linux-image-4.10.0-24-generic_4.10.0-24.28_i386.debLinux
Linux kernel (USN-3324-1) linux-image-4.10.0-24-generic_4.10.0-24.28_amd64.debLinux
Linux kernel (USN-3324-1) linux-image-4.10.0-24-lowlatency_4.10.0-24.28_i386.debLinux
Linux kernel (USN-3324-1) linux-image-4.10.0-24-lowlatency_4.10.0-24.28_amd64.debLinux
Linux kernel (USN-3326-1) linux-image-virtual_4.8.0.56.69_i386.debLinux
Linux kernel (USN-3326-1) linux-image-virtual_4.8.0.56.69_amd64.debLinux
Linux kernel (USN-3326-1) linux-image-4.8.0-56-generic_4.8.0-56.61_i386.debLinux
Linux kernel (USN-3326-1) linux-image-4.8.0-56-generic_4.8.0-56.61_amd64.debLinux
Linux kernel (USN-3326-1) linux-image-4.8.0-56-lowlatency_4.8.0-56.61_i386.debLinux
Linux kernel (USN-3326-1) linux-image-4.8.0-56-lowlatency_4.8.0-56.61_amd64.debLinux
Linux kernel (USN-3328-1) linux-image-generic_4.4.0.81.87_i386.debLinux
Linux kernel (USN-3328-1) linux-image-generic_4.4.0.81.87_amd64.debLinux
Linux kernel (USN-3328-1) linux-image-lowlatency_4.4.0.81.87_i386.debLinux
Linux kernel (USN-3328-1) linux-image-lowlatency_4.4.0.81.87_amd64.debLinux
Linux kernel (USN-3328-1) linux-image-4.4.0-81-generic_4.4.0-81.104_i386.debLinux
Linux kernel (USN-3328-1) linux-image-4.4.0-81-generic_4.4.0-81.104_amd64.debLinux
Linux kernel (USN-3328-1) linux-image-4.4.0-81-lowlatency_4.4.0-81.104_i386.debLinux
Linux kernel (USN-3328-1) linux-image-4.4.0-81-lowlatency_4.4.0-81.104_amd64.debLinux
Linux kernel for Google Container Engine (GKE) systems (USN-3329-1) linux-image-4.4.0-1016-gke_4.4.0-1016.16_amd64.debLinux
Linux kernel for Amazon Web Services (AWS) systems (USN-3331-1) linux-image-4.4.0-1020-aws_4.4.0-1020.29_amd64.debLinux
Linux hardware enablement (HWE) kernel (USN-3333-1) linux-image-4.8.0-56-generic_4.8.0-56.61~16.04.1_i386.debLinux
Linux hardware enablement (HWE) kernel (USN-3333-1) linux-image-4.8.0-56-generic_4.8.0-56.61~16.04.1_amd64.debLinux
Linux hardware enablement (HWE) kernel (USN-3333-1) linux-image-generic-hwe-16.04_4.8.0.56.27_i386.debLinux
Linux hardware enablement (HWE) kernel (USN-3333-1) linux-image-generic-hwe-16.04_4.8.0.56.27_amd64.debLinux
Linux hardware enablement (HWE) kernel (USN-3333-1) linux-image-4.8.0-56-lowlatency_4.8.0-56.61~16.04.1_i386.debLinux
Linux hardware enablement (HWE) kernel (USN-3333-1) linux-image-4.8.0-56-lowlatency_4.8.0-56.61~16.04.1_amd64.debLinux
Linux hardware enablement (HWE) kernel (USN-3333-1) linux-image-lowlatency-hwe-16.04_4.8.0.56.27_i386.debLinux
Linux hardware enablement (HWE) kernel (USN-3333-1) linux-image-lowlatency-hwe-16.04_4.8.0.56.27_amd64.debLinux
Linux hardware enablement kernel from Xenial for Trusty (USN-3334-1) linux-image-4.4.0-81-generic_4.4.0-81.104~14.04.1_i386.debLinux
Linux hardware enablement kernel from Xenial for Trusty (USN-3334-1) linux-image-4.4.0-81-generic_4.4.0-81.104~14.04.1_amd64.debLinux
Linux hardware enablement kernel from Xenial for Trusty (USN-3334-1) linux-image-generic-lts-xenial_4.4.0.81.66_i386.debLinux
Linux hardware enablement kernel from Xenial for Trusty (USN-3334-1) linux-image-generic-lts-xenial_4.4.0.81.66_amd64.debLinux
Linux hardware enablement kernel from Xenial for Trusty (USN-3334-1) linux-image-4.4.0-81-lowlatency_4.4.0-81.104~14.04.1_i386.debLinux
Linux hardware enablement kernel from Xenial for Trusty (USN-3334-1) linux-image-4.4.0-81-lowlatency_4.4.0-81.104~14.04.1_amd64.debLinux
Linux hardware enablement kernel from Xenial for Trusty (USN-3334-1) linux-image-lowlatency-lts-xenial_4.4.0.81.66_i386.debLinux
Linux hardware enablement kernel from Xenial for Trusty (USN-3334-1) linux-image-lowlatency-lts-xenial_4.4.0.81.66_amd64.debLinux
Linux kernel (USN-3342-1) linux-image-4.8.0-58-generic_4.8.0-58.63_i386.debLinux
Linux kernel (USN-3342-1) linux-image-4.8.0-58-generic_4.8.0-58.63_amd64.debLinux
Linux kernel (USN-3342-1) linux-image-4.8.0-58-lowlatency_4.8.0-58.63_i386.debLinux
Linux kernel (USN-3342-1) linux-image-4.8.0-58-lowlatency_4.8.0-58.63_amd64.debLinux
Linux hardware enablement (HWE) kernel (USN-3342-2) linux-image-4.8.0-58-generic_4.8.0-58.63~16.04.1_i386.debLinux
Linux hardware enablement (HWE) kernel (USN-3342-2) linux-image-4.8.0-58-generic_4.8.0-58.63~16.04.1_amd64.debLinux
Linux hardware enablement (HWE) kernel (USN-3342-2) linux-image-4.8.0-58-lowlatency_4.8.0-58.63~16.04.1_i386.debLinux
Linux hardware enablement (HWE) kernel (USN-3342-2) linux-image-4.8.0-58-lowlatency_4.8.0-58.63~16.04.1_amd64.debLinux
Linux kernel (USN-3343-1) linux-image-3.13.0-123-generic_3.13.0-123.172_i386.debLinux
Linux kernel (USN-3343-1) linux-image-3.13.0-123-generic_3.13.0-123.172_amd64.debLinux
Linux kernel (USN-3343-1) linux-image-3.13.0-123-lowlatency_3.13.0-123.172_i386.debLinux
Linux kernel (USN-3343-1) linux-image-3.13.0-123-lowlatency_3.13.0-123.172_amd64.debLinux
Linux kernel (USN-3344-1) linux-image-aws_4.4.0.1022.25_amd64.debLinux
Linux kernel (USN-3344-1) linux-image-gke_4.4.0.1018.20_amd64.debLinux
Linux kernel (USN-3344-1) linux-image-generic_4.4.0.83.89_i386.debLinux
Linux kernel (USN-3344-1) linux-image-generic_4.4.0.83.89_amd64.debLinux
Linux kernel (USN-3344-1) linux-image-lowlatency_4.4.0.83.89_i386.debLinux
Linux kernel (USN-3344-1) linux-image-lowlatency_4.4.0.83.89_amd64.debLinux
Linux kernel (USN-3344-1) linux-image-4.4.0-1018-gke_4.4.0-1018.18_amd64.debLinux
Linux kernel (USN-3344-1) linux-image-4.4.0-1022-aws_4.4.0-1022.31_amd64.debLinux
Linux kernel (USN-3344-1) linux-image-4.4.0-83-generic_4.4.0-83.106_i386.debLinux
Linux kernel (USN-3344-1) linux-image-4.4.0-83-generic_4.4.0-83.106_amd64.debLinux
Linux kernel (USN-3344-1) linux-image-4.4.0-83-lowlatency_4.4.0-83.106_i386.debLinux
Linux kernel (USN-3344-1) linux-image-4.4.0-83-lowlatency_4.4.0-83.106_amd64.debLinux
Linux hardware enablement kernel from Xenial for Trusty (USN-3344-2) linux-image-4.4.0-83-generic_4.4.0-83.106~14.04.1_i386.debLinux
Linux hardware enablement kernel from Xenial for Trusty (USN-3344-2) linux-image-4.4.0-83-generic_4.4.0-83.106~14.04.1_amd64.debLinux
Linux hardware enablement kernel from Xenial for Trusty (USN-3344-2) linux-image-4.4.0-83-lowlatency_4.4.0-83.106~14.04.1_i386.debLinux
Linux hardware enablement kernel from Xenial for Trusty (USN-3344-2) linux-image-4.4.0-83-lowlatency_4.4.0-83.106~14.04.1_amd64.debLinux
Linux kernel (USN-3345-1) linux-image-4.10.0-26-generic_4.10.0-26.30_i386.debLinux
Linux kernel (USN-3345-1) linux-image-4.10.0-26-generic_4.10.0-26.30_amd64.debLinux
Linux kernel (USN-3345-1) linux-image-4.10.0-26-lowlatency_4.10.0-26.30_i386.debLinux
Linux kernel (USN-3345-1) linux-image-4.10.0-26-lowlatency_4.10.0-26.30_amd64.debLinux
Dtrace-modules-3.8.13-118.18.3.el6uek update (ELSA-2017-3575) dtrace-modules-3.8.13-118.18.3.el6uek-0.4.5-3.el6.x86_64.rpmLinux
Dtrace-modules-3.8.13-118.18.3.el7uek update (ELSA-2017-3575) dtrace-modules-3.8.13-118.18.3.el7uek-0.4.5-3.el7.x86_64.rpmLinux
Dtrace-modules-provider-headers update (ELSA-2017-3609) dtrace-modules-provider-headers-0.6.1-3.el6.x86_64.rpmLinux
Dtrace-modules-shared-headers update (ELSA-2017-3609) dtrace-modules-shared-headers-0.6.1-3.el6.x86_64.rpmLinux
Dtrace-modules-provider-headers update (ELSA-2017-3609) dtrace-modules-provider-headers-0.6.1-3.el7.x86_64.rpmLinux
Dtrace-modules-shared-headers update (ELSA-2017-3609) dtrace-modules-shared-headers-0.6.1-3.el7.x86_64.rpmLinux
Double Free Vulnerability (CVE-2017-8890)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234