Rapid7 Vulnerability & Exploit Database

SUSE: CVE-2017-16939: SUSE Linux Security Advisory

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

SUSE: CVE-2017-16939: SUSE Linux Security Advisory

Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
11/24/2017
Created
07/25/2018
Added
12/04/2017
Modified
02/04/2022

Description

The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages.

Solution(s)

  • suse-upgrade-kernel-azure-base
  • suse-upgrade-kernel-default
  • suse-upgrade-kernel-default-extra
  • suse-upgrade-kernel-default-man
  • suse-upgrade-kernel-devel-azure
  • suse-upgrade-kernel-docs
  • suse-upgrade-kernel-obs-build
  • suse-upgrade-kernel-source-azure

References

  • SUSE-SU-2017:3210-1
  • SUSE-SU-2017:3225-1
  • SUSE-SU-2017:3226-1
  • SUSE-SU-2017:3249-1
  • SUSE-SU-2017:3284-1
  • SUSE-SU-2017:3285-1
  • SUSE-SU-2017:3286-1
  • SUSE-SU-2017:3287-1
  • SUSE-SU-2017:3288-1
  • SUSE-SU-2017:3289-1
  • SUSE-SU-2017:3290-1
  • SUSE-SU-2017:3291-1
  • SUSE-SU-2017:3292-1
  • SUSE-SU-2017:3293-1
  • SUSE-SU-2017:3295-1
  • SUSE-SU-2017:3296-1
  • SUSE-SU-2017:3297-1
  • SUSE-SU-2017:3299-1
  • SUSE-SU-2017:3300-1
  • SUSE-SU-2017:3301-1
  • SUSE-SU-2017:3302-1
  • SUSE-SU-2017:3303-1
  • SUSE-SU-2017:3304-1
  • SUSE-SU-2017:3305-1
  • SUSE-SU-2017:3306-1
  • SUSE-SU-2017:3307-1
  • SUSE-SU-2017:3308-1
  • SUSE-SU-2017:3309-1
  • SUSE-SU-2017:3310-1
  • SUSE-SU-2017:3312-1
  • SUSE-SU-2017:3313-1
  • SUSE-SU-2017:3314-1
  • SUSE-SU-2017:3316-1
  • SUSE-SU-2017:3317-1
  • SUSE-SU-2017:3318-1
  • SUSE-SU-2017:3319-1
  • SUSE-SU-2017:3320-1
  • SUSE-SU-2017:3321-1
  • SUSE-SU-2017:3322-1
  • SUSE-SU-2017:3323-1
  • SUSE-SU-2017:3324-1
  • SUSE-SU-2017:3332-1
  • SUSE-SU-2017:3336-1
  • SUSE-SU-2017:3337-1
  • SUSE-SU-2017:3338-1
  • SUSE-SU-2017:3340-1
  • SUSE-SU-2018:0011-1
  • SUSE-SU-2018:0040-1
  • SUSE-SU-2018:0180-1
  • SUSE-SU-2018:0213-1
  • SUSE-SU-2018:0237-1
  • SUSE-SU-2018:0238-1
  • SUSE-SU-2018:0239-1
  • SUSE-SU-2018:0240-1
  • SUSE-SU-2018:0241-1
  • SUSE-SU-2018:0242-1
  • SUSE-SU-2018:0244-1
  • SUSE-SU-2018:0245-1
  • SUSE-SU-2018:0249-1
  • SUSE-SU-2018:0250-1
  • SUSE-SU-2018:0251-1
  • SUSE-SU-2018:0252-1
  • SUSE-SU-2018:0253-1
  • SUSE-SU-2018:0265-1
  • SUSE-SU-2018:0266-1
  • SUSE-SU-2018:0268-1
  • SUSE-SU-2018:0269-1
  • SUSE-SU-2018:0270-1
  • SUSE-SU-2018:0271-1
  • SUSE-SU-2018:0272-1
  • SUSE-SU-2018:0273-1
  • SUSE-SU-2018:0274-1
  • SUSE-SU-2018:0275-1
  • SUSE-SU-2018:0276-1
  • SUSE-SU-2018:0277-1
  • SUSE-SU-2018:0278-1
  • SUSE-SU-2018:0280-1
  • SUSE-SU-2018:0281-1
  • SUSE-SU-2018:0282-1
  • SUSE-SU-2018:0296-1
  • SUSE-SU-2018:0297-1
  • SUSE-SU-2018:0340-1
  • SUSE-SU-2018:0345-1
  • SUSE-SU-2018:0346-1
  • SUSE-SU-2018:0347-1
  • SUSE-SU-2019:0148-1
  • SUSE-SU-2019:0320-1
  • DSA-4082
  • CVE-2017-16939
  • USN-3507-1
  • USN-3507-2
  • USN-3508-1
  • USN-3508-2
  • USN-3509-1
  • USN-3509-2
  • USN-3509-3
  • USN-3509-4
  • USN-3510-1
  • USN-3510-2
  • USN-3511-1
View more

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
  • Lightweight Endpoint Agent
  • Live Dashboards
  • Real Risk Prioritization
  • IT-Integrated Remediation Projects
  • Cloud, Virtual, and Container Assessment
  • Integrated Threat Feeds
  • Easy-to-Use RESTful API
  • Automation-Assisted Patching
  • Automated Containment
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;