CVE-2017-15129
moderate-risk
Published 2018-01-09
A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/core/net_namespace.c does not check for the net::count value after it has found a peer network in netns_ids idr, which could lead to double free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is thought to be unlikely.
Do I need to act?
-
0.08% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
4
CVSS 4.7/10
Medium
LOCAL
/ HIGH complexity
Affected Products (20)
Enterprise Linux Compute Node Eus
Affected Vendors
References (38)
Mailing List
http://seclists.org/oss-sec/2018/q1/7
Broken Link
http://www.securityfocus.com/bid/102485
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:0654
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:0676
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:1062
Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:1946
Third Party Advisory
https://access.redhat.com/security/cve/CVE-2017-15129
Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=1531174
Mailing List
https://marc.info/?t=151370468900001&r=1&w=2
Third Party Advisory
https://usn.ubuntu.com/3617-1/
Third Party Advisory
https://usn.ubuntu.com/3617-2/
Third Party Advisory
https://usn.ubuntu.com/3617-3/
Third Party Advisory
https://usn.ubuntu.com/3619-1/
Third Party Advisory
https://usn.ubuntu.com/3619-2/
Third Party Advisory
https://usn.ubuntu.com/3632-1/
and 18 more references
34
/ 100
moderate-risk
Severity
12/34 · Low
Exploitability
0/34 · Minimal
Exposure
22/34 · High