CVE-2017-11600

Published: 7/24/2017 Last updated: 8/5/2024 Reserved: 7/24/2017

net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local users to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink message.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (27)

albatross cdrom conf-bpftool conf-libbpf conf-linux-libc-dev core core_unix hvsock mirage-block-unix mm ocaml-probes orun rawlink rawlink-eio rawlink-lwt shell solo5 solo5-bindings-hvt solo5-bindings-spt solo5-cross-aarch64 solo5-kernel-ukvm tracy-client tuntap uring vhd-format vhd-format-lwt xapi-stdext-unix

Products affected (1)

Product	Vendor	Version
n/a	n/a	< 1.27.0

References (18)

https://access.redhat.com/errata/RHSA-2018:2003
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html
https://access.redhat.com/errata/RHSA-2018:1965
http://www.securityfocus.com/bid/99928
http://www.debian.org/security/2017/dsa-3981
https://source.android.com/security/bulletin/pixel/2017-11-01
http://seclists.org/bugtraq/2017/Jul/30
https://access.redhat.com/errata/RHSA-2019:1170
https://access.redhat.com/errata/RHSA-2019:1190
https://access.redhat.com/errata/RHSA-2018:2003
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html
https://access.redhat.com/errata/RHSA-2018:1965
http://www.securityfocus.com/bid/99928
http://www.debian.org/security/2017/dsa-3981
https://source.android.com/security/bulletin/pixel/2017-11-01
http://seclists.org/bugtraq/2017/Jul/30
https://access.redhat.com/errata/RHSA-2019:1170
https://access.redhat.com/errata/RHSA-2019:1190