CVE-2017-17806

 

Published at: - 21-12-2017 12:29

Last modified: - 19-01-2023 05:26

Total changes: - 4

Description

The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel stack buffer overflow by executing a crafted sequence of system calls that encounter a missing SHA-3 initialization.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

 

Verification logic

 

Reference

• https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.8
• https://github.com/torvalds/linux/commit/af3ff8045bbf3e32f1a448542e73abb4c8ceb6f1
• http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=af3ff8045bbf3e32f1a448542e73abb4c8ceb6f1
• DSA-4073-Third Party Advisory
• 102293-Third Party Advisory, VDB Entry
• openSUSE-SU-2018:0023-Issue Tracking, Third Party Advisory
• openSUSE-SU-2018:0022-Issue Tracking, Patch, Third Party Advisory
• SUSE-SU-2018:0012-Issue Tracking, Patch, Third Party Advisory
• SUSE-SU-2018:0011-Issue Tracking, Patch, Third Party Advisory
• SUSE-SU-2018:0010-Issue Tracking, Patch, Third Party Advisory
• DSA-4082-Third Party Advisory
• [debian-lts-announce] 20180107 [SECURITY] [DLA 1232-1] linux security update-Third Party Advisory
• USN-3583-2-Third Party Advisory
• USN-3583-1-Third Party Advisory
• USN-3617-2-Third Party Advisory
• USN-3617-1-Third Party Advisory
• USN-3619-1-Third Party Advisory
• USN-3617-3-Third Party Advisory
• USN-3619-2-Third Party Advisory
• USN-3632-1-Third Party Advisory
• RHSA-2018:2948-Third Party Advisory

 

Keywords

NVD

 

CVE-2017-17806

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures