Vulnerability CVE-2017-17053

Vulnerability Name:

CVE-2017-17053 (CCN-135702)

Assigned:

2017-08-25

Published:

2017-08-25

Updated:

2023-06-21

Summary:

CVSS v3 Severity:

7.0 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.1 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): High Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

7.8 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

6.9 Medium (CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

6.8 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2017-17053

Source: cve@mitre.org
Type: Issue Tracking, Patch, Vendor Advisory
cve@mitre.org

Source: CCN
Type: BID-102010
Linux Kernel CVE-2017-17053 Local Use After Free Memory Corruption Vulnerability

Source: cve@mitre.org
Type: Third Party Advisory, VDB Entry
cve@mitre.org

Source: cve@mitre.org
Type: Third Party Advisory
cve@mitre.org

Source: XF
Type: UNKNOWN
linux-kernel-cve201717053-code-exec(135702)

Source: CCN
Type: Linux Kernel GIT Repository
x86/mm: Fix use-after-free of ldt_struct

Source: cve@mitre.org
Type: Patch, Third Party Advisory
cve@mitre.org

Source: cve@mitre.org
Type: Issue Tracking, Vendor Advisory
cve@mitre.org

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2017-17053

Vulnerable Configuration:

Configuration CCN 1:

cpe:/o:linux:linux_kernel:4.12.9:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:201717053	V	CVE-2017-17053	2022-09-02
oval:org.opensuse.security:def:14382	P	squashfs-4.3-6.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14360	P	python-doc-2.7.13-27.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14383	P	squid-3.5.21-25.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14361	P	python-imaging-1.1.7-21.15 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14384	P	squidGuard-1.4-29.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14362	P	python-libxml2-2.9.4-45.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13522	P	dbus-1-1.8.16-14.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13425	P	pam-modules-12.1-23.12 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13394	P	librpcsecgss3-0.19-16.54 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13711	P	python-requests-2.3.0-6.5.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13656	P	libtag1-1.9.1-1.265 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13555	P	gvim-7.4.326-2.62 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13475	P	xen-4.4.1_06-2.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13403	P	libudisks2-0-2.1.3-1.13 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13701	P	powerpc-utils-1.2.26-6.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13631	P	libmysqlclient18-10.0.21-1.17 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13536	P	freeradius-server-3.0.3-10.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13426	P	pam_krb5-2.4.4-4.4 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13395	P	libsmi-0.4.8-18.55 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13722	P	shim-0.9-2.14 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13657	P	libtasn1-3.7-4.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13556	P	gzip-1.6-7.392 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13520	P	cyrus-sasl-2.1.26-7.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13404	P	libupsclient1-2.7.1-4.55 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13709	P	python-pyOpenSSL-0.14-1.7 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13632	P	libneon27-0.30.0-3.65 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13537	P	ft2demos-2.5.5-7.5.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13473	P	wireshark-1.10.9-1.11 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13396	P	libsndfile1-1.0.25-18.70 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13723	P	smt-3.0.8-1.4 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13699	P	perl-YAML-LibYAML-0.38-10.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13557	P	hardlink-1.0-6.45 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13521	P	davfs2-1.5.2-2.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13424	P	pam-1.1.8-11.31 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13710	P	python-pywbem-0.7.0-4.7 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13655	P	libssh2-1-1.4.3-11.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13538	P	fuse-2.9.3-5.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13474	P	xalan-j2-2.7.0-264.133 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13402	P	libtiff5-32bit-4.0.3-9.78 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13724	P	socat-1.7.2.4-1.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13700	P	pigz-2.3-5.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13630	P	libmusicbrainz4-2.1.5-27.86 on GA media (Moderate)	2021-06-08
oval:com.ubuntu.bionic:def:2017170530000000	V	CVE-2017-17053 on Ubuntu 18.04 LTS (bionic) - medium.	2017-11-29
oval:com.ubuntu.xenial:def:2017170530000000	V	CVE-2017-17053 on Ubuntu 16.04 LTS (xenial) - medium.	2017-11-29
oval:com.ubuntu.artful:def:201717053000	V	CVE-2017-17053 on Ubuntu 17.10 (artful) - medium.	2017-11-28
oval:com.ubuntu.bionic:def:201717053000	V	CVE-2017-17053 on Ubuntu 18.04 LTS (bionic) - medium.	2017-11-28
oval:com.ubuntu.trusty:def:201717053000	V	CVE-2017-17053 on Ubuntu 14.04 LTS (trusty) - medium.	2017-11-28
oval:com.ubuntu.xenial:def:201717053000	V	CVE-2017-17053 on Ubuntu 16.04 LTS (xenial) - medium.	2017-11-28

BACK