CVE-2017-18509
linux-4.9 - security update
Description
An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain circumstances. The issue can be triggered as root (e.g., inside a default LXC container or with the CAP_NET_ADMIN capability) or after namespace unsharing. This occurs because sk_type and protocol are not checked in the appropriate part of the ip6_mroute_* functions. NOTE: this affects Linux distributions that use 4.9.x longterm kernels before 4.9.187.
How to fix CVE-2017-18509
To remediate CVE-2017-18509, upgrade the affected package to a fixed version below.
- Upgrade to 4.11.6-1 or later
- Upgrade to 3.16.72-1 or later
- Upgrade to 4.9.168-1+deb9u5~deb8u1 or later
Is CVE-2017-18509 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (3)
- from 0, < 4.11.6-1
- from 0, < 3.16.72-1
- from 0, < 4.9.168-1+deb9u5~deb8u1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH 7.8 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |