CVE-2017-9074
Description
The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.074
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Linux kernel (USN-3324-1) linux-image-generic_4.10.0.24.26_i386.deb | Linux |
| Linux kernel (USN-3324-1) linux-image-generic_4.10.0.24.26_amd64.deb | Linux |
| Linux kernel (USN-3324-1) linux-image-lowlatency_4.10.0.24.26_i386.deb | Linux |
| Linux kernel (USN-3324-1) linux-image-lowlatency_4.10.0.24.26_amd64.deb | Linux |
| Linux kernel (USN-3324-1) linux-image-4.10.0-24-generic_4.10.0-24.28_i386.deb | Linux |
| Linux kernel (USN-3324-1) linux-image-4.10.0-24-generic_4.10.0-24.28_amd64.deb | Linux |
| Linux kernel (USN-3324-1) linux-image-4.10.0-24-lowlatency_4.10.0-24.28_i386.deb | Linux |
| Linux kernel (USN-3324-1) linux-image-4.10.0-24-lowlatency_4.10.0-24.28_amd64.deb | Linux |
| Linux kernel (USN-3328-1) linux-image-generic_4.4.0.81.87_i386.deb | Linux |
| Linux kernel (USN-3328-1) linux-image-generic_4.4.0.81.87_amd64.deb | Linux |
| Linux kernel (USN-3328-1) linux-image-lowlatency_4.4.0.81.87_i386.deb | Linux |
| Linux kernel (USN-3328-1) linux-image-lowlatency_4.4.0.81.87_amd64.deb | Linux |
| Linux kernel (USN-3328-1) linux-image-4.4.0-81-generic_4.4.0-81.104_i386.deb | Linux |
| Linux kernel (USN-3328-1) linux-image-4.4.0-81-generic_4.4.0-81.104_amd64.deb | Linux |
| Linux kernel (USN-3328-1) linux-image-4.4.0-81-lowlatency_4.4.0-81.104_i386.deb | Linux |
| Linux kernel (USN-3328-1) linux-image-4.4.0-81-lowlatency_4.4.0-81.104_amd64.deb | Linux |
| Linux kernel for Google Container Engine (GKE) systems (USN-3329-1) linux-image-4.4.0-1016-gke_4.4.0-1016.16_amd64.deb | Linux |
| Linux kernel for Amazon Web Services (AWS) systems (USN-3331-1) linux-image-4.4.0-1020-aws_4.4.0-1020.29_amd64.deb | Linux |
| Linux hardware enablement kernel from Xenial for Trusty (USN-3334-1) linux-image-4.4.0-81-generic_4.4.0-81.104~14.04.1_i386.deb | Linux |
| Linux hardware enablement kernel from Xenial for Trusty (USN-3334-1) linux-image-4.4.0-81-generic_4.4.0-81.104~14.04.1_amd64.deb | Linux |
| Linux hardware enablement kernel from Xenial for Trusty (USN-3334-1) linux-image-generic-lts-xenial_4.4.0.81.66_i386.deb | Linux |
| Linux hardware enablement kernel from Xenial for Trusty (USN-3334-1) linux-image-generic-lts-xenial_4.4.0.81.66_amd64.deb | Linux |
| Linux hardware enablement kernel from Xenial for Trusty (USN-3334-1) linux-image-4.4.0-81-lowlatency_4.4.0-81.104~14.04.1_i386.deb | Linux |
| Linux hardware enablement kernel from Xenial for Trusty (USN-3334-1) linux-image-4.4.0-81-lowlatency_4.4.0-81.104~14.04.1_amd64.deb | Linux |
| Linux hardware enablement kernel from Xenial for Trusty (USN-3334-1) linux-image-lowlatency-lts-xenial_4.4.0.81.66_i386.deb | Linux |
| Linux hardware enablement kernel from Xenial for Trusty (USN-3334-1) linux-image-lowlatency-lts-xenial_4.4.0.81.66_amd64.deb | Linux |
| Linux kernel (USN-3344-1) linux-image-aws_4.4.0.1022.25_amd64.deb | Linux |
| Linux kernel (USN-3344-1) linux-image-gke_4.4.0.1018.20_amd64.deb | Linux |
| Linux kernel (USN-3344-1) linux-image-generic_4.4.0.83.89_i386.deb | Linux |
| Linux kernel (USN-3344-1) linux-image-generic_4.4.0.83.89_amd64.deb | Linux |
| Linux kernel (USN-3344-1) linux-image-lowlatency_4.4.0.83.89_i386.deb | Linux |
| Linux kernel (USN-3344-1) linux-image-lowlatency_4.4.0.83.89_amd64.deb | Linux |
| Linux kernel (USN-3344-1) linux-image-4.4.0-1018-gke_4.4.0-1018.18_amd64.deb | Linux |
| Linux kernel (USN-3344-1) linux-image-4.4.0-1022-aws_4.4.0-1022.31_amd64.deb | Linux |
| Linux kernel (USN-3344-1) linux-image-4.4.0-83-generic_4.4.0-83.106_i386.deb | Linux |
| Linux kernel (USN-3344-1) linux-image-4.4.0-83-generic_4.4.0-83.106_amd64.deb | Linux |
| Linux kernel (USN-3344-1) linux-image-4.4.0-83-lowlatency_4.4.0-83.106_i386.deb | Linux |
| Linux kernel (USN-3344-1) linux-image-4.4.0-83-lowlatency_4.4.0-83.106_amd64.deb | Linux |
| Linux hardware enablement kernel from Xenial for Trusty (USN-3344-2) linux-image-4.4.0-83-generic_4.4.0-83.106~14.04.1_i386.deb | Linux |
| Linux hardware enablement kernel from Xenial for Trusty (USN-3344-2) linux-image-4.4.0-83-generic_4.4.0-83.106~14.04.1_amd64.deb | Linux |
| Linux hardware enablement kernel from Xenial for Trusty (USN-3344-2) linux-image-4.4.0-83-lowlatency_4.4.0-83.106~14.04.1_i386.deb | Linux |
| Linux hardware enablement kernel from Xenial for Trusty (USN-3344-2) linux-image-4.4.0-83-lowlatency_4.4.0-83.106~14.04.1_amd64.deb | Linux |
| Linux kernel (USN-3345-1) linux-image-4.10.0-26-generic_4.10.0-26.30_i386.deb | Linux |
| Linux kernel (USN-3345-1) linux-image-4.10.0-26-generic_4.10.0-26.30_amd64.deb | Linux |
| Linux kernel (USN-3345-1) linux-image-4.10.0-26-lowlatency_4.10.0-26.30_i386.deb | Linux |
| Linux kernel (USN-3345-1) linux-image-4.10.0-26-lowlatency_4.10.0-26.30_amd64.deb | Linux |
| Kernel security update (CESA-2018:0169) kernel-2.6.32-696.20.1.el6.i686.rpm | Linux |
| Kernel security update (CESA-2018:0169) kernel-2.6.32-696.20.1.el6.x86_64.rpm | Linux |
| Kernel security update (CESA-2018:0169) kernel-abi-whitelists-2.6.32-696.20.1.el6.noarch.rpm | Linux |
| Kernel security update (CESA-2018:0169) kernel-debug-2.6.32-696.20.1.el6.i686.rpm | Linux |
| Kernel security update (CESA-2018:0169) kernel-debug-2.6.32-696.20.1.el6.x86_64.rpm | Linux |
| Kernel security update (CESA-2018:0169) kernel-debug-devel-2.6.32-696.20.1.el6.i686.rpm | Linux |
| Kernel security update (CESA-2018:0169) kernel-debug-devel-2.6.32-696.20.1.el6.x86_64.rpm | Linux |
| Kernel security update (CESA-2018:0169) kernel-devel-2.6.32-696.20.1.el6.i686.rpm | Linux |
| Kernel security update (CESA-2018:0169) kernel-devel-2.6.32-696.20.1.el6.x86_64.rpm | Linux |
| Kernel security update (CESA-2018:0169) kernel-doc-2.6.32-696.20.1.el6.noarch.rpm | Linux |
| Kernel security update (CESA-2018:0169) kernel-firmware-2.6.32-696.20.1.el6.noarch.rpm | Linux |
| Kernel security update (CESA-2018:0169) kernel-headers-2.6.32-696.20.1.el6.i686.rpm | Linux |
| Kernel security update (CESA-2018:0169) kernel-headers-2.6.32-696.20.1.el6.x86_64.rpm | Linux |
| Kernel security update (CESA-2018:0169) perf-2.6.32-696.20.1.el6.x86_64.rpm | Linux |
| Kernel security update (CESA-2018:0169) python-perf-2.6.32-696.20.1.el6.i686.rpm | Linux |
| Kernel security update (CESA-2018:0169) python-perf-2.6.32-696.20.1.el6.x86_64.rpm | Linux |
| (RHSA-2018:0169) Important: kernel security and bug fix update kernel-2.6.32-696.20.1.el6.i686.rpm | Linux |
| (RHSA-2018:0169) Important: kernel security and bug fix update kernel-2.6.32-696.20.1.el6.x86_64.rpm | Linux |
| (RHSA-2018:0169) Important: kernel security and bug fix update kernel-abi-whitelists-2.6.32-696.20.1.el6.noarch.rpm | Linux |
| (RHSA-2018:0169) Important: kernel security and bug fix update kernel-debug-2.6.32-696.20.1.el6.i686.rpm | Linux |
| (RHSA-2018:0169) Important: kernel security and bug fix update kernel-debug-2.6.32-696.20.1.el6.x86_64.rpm | Linux |
| (RHSA-2018:0169) Important: kernel security and bug fix update kernel-debug-devel-2.6.32-696.20.1.el6.i686.rpm | Linux |
| (RHSA-2018:0169) Important: kernel security and bug fix update kernel-debug-devel-2.6.32-696.20.1.el6.x86_64.rpm | Linux |
| (RHSA-2018:0169) Important: kernel security and bug fix update kernel-devel-2.6.32-696.20.1.el6.i686.rpm | Linux |
| (RHSA-2018:0169) Important: kernel security and bug fix update kernel-devel-2.6.32-696.20.1.el6.x86_64.rpm | Linux |
| (RHSA-2018:0169) Important: kernel security and bug fix update kernel-doc-2.6.32-696.20.1.el6.noarch.rpm | Linux |
| (RHSA-2018:0169) Important: kernel security and bug fix update kernel-firmware-2.6.32-696.20.1.el6.noarch.rpm | Linux |
| (RHSA-2018:0169) Important: kernel security and bug fix update kernel-headers-2.6.32-696.20.1.el6.i686.rpm | Linux |
| (RHSA-2018:0169) Important: kernel security and bug fix update kernel-headers-2.6.32-696.20.1.el6.x86_64.rpm | Linux |
| (RHSA-2018:0169) Important: kernel security and bug fix update perf-2.6.32-696.20.1.el6.i686.rpm | Linux |
| (RHSA-2018:0169) Important: kernel security and bug fix update perf-2.6.32-696.20.1.el6.x86_64.rpm | Linux |
| (RHSA-2018:0169) Important: kernel security and bug fix update python-perf-2.6.32-696.20.1.el6.i686.rpm | Linux |
| (RHSA-2018:0169) Important: kernel security and bug fix update python-perf-2.6.32-696.20.1.el6.x86_64.rpm | Linux |
| Dtrace-modules-provider-headers update (ELSA-2017-3609) dtrace-modules-provider-headers-0.6.1-3.el6.x86_64.rpm | Linux |
| Dtrace-modules-shared-headers update (ELSA-2017-3609) dtrace-modules-shared-headers-0.6.1-3.el6.x86_64.rpm | Linux |
| Dtrace-modules-provider-headers update (ELSA-2017-3609) dtrace-modules-provider-headers-0.6.1-3.el7.x86_64.rpm | Linux |
| Dtrace-modules-shared-headers update (ELSA-2017-3609) dtrace-modules-shared-headers-0.6.1-3.el7.x86_64.rpm | Linux |
| Dtrace-modules-3.8.13-118.20.3.el6uek update (ELSA-2018-4040) dtrace-modules-3.8.13-118.20.3.el6uek-0.4.5-3.el6.x86_64.rpm | Linux |
| Dtrace-modules-3.8.13-118.20.3.el7uek update (ELSA-2018-4040) dtrace-modules-3.8.13-118.20.3.el7uek-0.4.5-3.el7.x86_64.rpm | Linux |
| Dtrace-modules-3.8.13-118.21.1.el6uek update (ELSA-2018-4109) dtrace-modules-3.8.13-118.21.1.el6uek-0.4.5-3.el6.x86_64.rpm | Linux |
| Dtrace-modules-3.8.13-118.21.1.el7uek update (ELSA-2018-4109) dtrace-modules-3.8.13-118.21.1.el7uek-0.4.5-3.el7.x86_64.rpm | Linux |
| (CESA-2018:0169) Important: kernel security and bug fix update kernel-2.6.32-696.20.1.el6.i686.rpm | Linux |
| (CESA-2018:0169) Important: kernel security and bug fix update kernel-debug-2.6.32-696.20.1.el6.i686.rpm | Linux |
| Out-of-bounds Read Vulnerability (CVE-2017-9074) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234