CVE-2017-18509
HIGH7.8EPSS 0.07%linux - security update
Published: 8/13/2019Modified: 4/28/2026
Description
An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain circumstances. The issue can be triggered as root (e.g., inside a default LXC container or with the CAP_NET_ADMIN capability) or after namespace unsharing. This occurs because sk_type and protocol are not checked in the appropriate part of the ip6_mroute_* functions. NOTE: this affects Linux distributions that use 4.9.x longterm kernels before 4.9.187.
Affected packages (3)
- Debian/linuxfrom 0, < 4.11.6-1
- Debian/linuxfrom 0, < 3.16.72-1
- Debian/linux-4.9from 0, < 4.9.168-1+deb9u5~deb8u1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.8 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |