CVE-2017-7374

Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service (NULL pointer dereference) or possibly gain privileges by revoking keyring keys being used for ext4, f2fs, or ubifs encryption, causing cryptographic transform objects to be freed prematurely.

CVSS v3 7.8 HIGH
CVSS v2.0 7.2 HIGH

7.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.2^/10

CVSS v2.0 : HIGH

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1b53cf9815bb4744958d41f3795d5d5a1d365e2d	Patch Third Party Advisory
http://www.securityfocus.com/bid/97308	Third Party Advisory VDB Entry
https://github.com/torvalds/linux/commit/1b53cf9815bb4744958d41f3795d5d5a1d365e2d	Patch Third Party Advisory
https://source.android.com/security/bulletin/2017-10-01	Third Party Advisory
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.7	Release Notes Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

No history.

Information

Published : 2017-03-31 20:59

Updated : 2024-02-28 15:44

NVD link : CVE-2017-7374

Mitre link : CVE-2017-7374

CVE.ORG link : CVE-2017-7374

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-416

Use After Free

CWE-476

NULL Pointer Dereference

{"id": "CVE-2017-7374", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": true, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2017-03-31T20:59:00.167", "references": [{"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1b53cf9815bb4744958d41f3795d5d5a1d365e2d", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/97308", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://github.com/torvalds/linux/commit/1b53cf9815bb4744958d41f3795d5d5a1d365e2d", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://source.android.com/security/bulletin/2017-10-01", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.7", "tags": ["Release Notes", "Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-416"}, {"lang": "en", "value": "CWE-476"}]}], "descriptions": [{"lang": "en", "value": "Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service (NULL pointer dereference) or possibly gain privileges by revoking keyring keys being used for ext4, f2fs, or ubifs encryption, causing cryptographic transform objects to be freed prematurely."}, {"lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en fs/crypto/ en el kernel de Linux en versiones anteriores a 4.10.7 permite a usuarios locales provocar una denegaci\u00f3n de servicio (referencia a puntero NULL) o posiblemente obtener privilegios revocando el llavero de claves utilizado para cifrado ext4, f2fs o ubifs, provocando que los objetos de transformaci\u00f3n criptogr\u00e1fica sean liberados prematuramente."}], "lastModified": "2023-02-14T21:38:04.967", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86ECD7D8-40A9-4227-B77D-867268FFDEAC", "versionEndExcluding": "4.4.59", "versionStartIncluding": "4.2"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D092A759-EAC4-4DDC-A3AF-7BECC8D32811", "versionEndExcluding": "4.9.20", "versionStartIncluding": "4.5"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E814839-1040-4BC0-8D84-A0011E6C3B71", "versionEndExcluding": "4.10.7", "versionStartIncluding": "4.10"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}