{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-08-03T00:00:00", "descriptions": [{"lang": "en", "value": "In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stable tree, and 4.4-stable tree."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-02-14T12:06:04", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "USN-3620-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3620-2/"}, {"tags": ["x_refsource_MISC"], "url": "https://patchwork.kernel.org/patch/9880041/"}, {"name": "100251", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/100251"}, {"name": "USN-3620-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3620-1/"}, {"name": "[oss-security] 20200211 Potential regression and/or incomplete fix for CVE-2017-12762", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2020/02/11/1"}, {"name": "[oss-security] 20200211 Re: Potential regression and/or incomplete fix for CVE-2017-12762", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2020/02/11/2"}, {"name": "[oss-security] 20200214 Re: Potential regression and/or incomplete fix for CVE-2017-12762", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2020/02/14/4"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-12762", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stable tree, and 4.4-stable tree."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "USN-3620-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3620-2/"}, {"name": "https://patchwork.kernel.org/patch/9880041/", "refsource": "MISC", "url": "https://patchwork.kernel.org/patch/9880041/"}, {"name": "100251", "refsource": "BID", "url": "http://www.securityfocus.com/bid/100251"}, {"name": "USN-3620-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3620-1/"}, {"name": "[oss-security] 20200211 Potential regression and/or incomplete fix for CVE-2017-12762", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2020/02/11/1"}, {"name": "[oss-security] 20200211 Re: Potential regression and/or incomplete fix for CVE-2017-12762", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2020/02/11/2"}, {"name": "[oss-security] 20200214 Re: Potential regression and/or incomplete fix for CVE-2017-12762", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2020/02/14/4"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T18:51:05.643Z"}, "title": "CVE Program Container", "references": [{"name": "USN-3620-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3620-2/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://patchwork.kernel.org/patch/9880041/"}, {"name": "100251", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/100251"}, {"name": "USN-3620-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3620-1/"}, {"name": "[oss-security] 20200211 Potential regression and/or incomplete fix for CVE-2017-12762", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2020/02/11/1"}, {"name": "[oss-security] 20200211 Re: Potential regression and/or incomplete fix for CVE-2017-12762", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2020/02/11/2"}, {"name": "[oss-security] 20200214 Re: Potential regression and/or incomplete fix for CVE-2017-12762", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2020/02/14/4"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-12762", "datePublished": "2017-08-09T21:00:00", "dateReserved": "2017-08-09T00:00:00", "dateUpdated": "2024-08-05T18:51:05.643Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA5C240C-195E-486B-BBEB-DB830D7D66F5", "versionEndExcluding": "3.18.64", "versionStartIncluding": "3.18", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "1B85F93D-0C2D-4351-BD2D-8448C7A837C9", "versionEndIncluding": "4.4.80", "versionStartIncluding": "3.19", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "0AC5E809-CD25-4763-8973-B2B5507C98E3", "versionEndIncluding": "4.9.41", "versionStartIncluding": "4.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "230A3EC9-BF2E-4E68-9A4B-057DE2657AA8", "versionEndIncluding": "4.12.5", "versionStartIncluding": "4.10", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stable tree, and 4.4-stable tree."}, {"lang": "es", "value": "Una inyecci\u00f3n de comandos en transferencias desde otro servidor en extplorer en se versiones 2.1.9 y anteriores permite que un atacante inyecte comandos a trav\u00e9s del par\u00e1metro userfile[0]."}], "id": "CVE-2017-12762", "lastModified": "2023-01-19T16:07:50.563", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-08-09T21:29:01.507", "references": [{"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2020/02/11/1"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2020/02/11/2"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2020/02/14/4"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/100251"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://patchwork.kernel.org/patch/9880041/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3620-1/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3620-2/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: Buffer overflow due to unbounded strcpy in ISDN I4L driver", "id": "1481178", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481178"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.7", "cvss3_scoring_vector": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H", "status": "draft"}, "cwe": "CWE-120", "details": ["In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stable tree, and 4.4-stable tree.", "A buffer overflow was found in the Linux kernel's isdn_net_newslave() function in the /drivers/isdn/i4l/isdn_net.c file. An overflow happens when the user-controlled buffer is copied into a local buffer of constant size using strcpy() without a length check."], "mitigation": {"lang": "en:us", "value": "The ISDN kernel module is automatically loaded when the system boots and the ISDN service is present and enabled. The kernel modules can be prevented from being loaded by using system-wide modprobe rules. Run the following commands to blacklist the ISDN module, thus preventing them from loading:\n```# echo \"install isdn /bin/true\">> /etc/modprobe.d/disable-isdn.conf```\nOn RHEL 6 execute the following commands as root to check if any isdn-related services are present:\n```# chkconfig --list | grep isdn```\nand disable them if they are:\n```# chkconfig isdn off```\n(or use a name of another isdn-related service)"}, "name": "CVE-2017-12762", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Affected", "package_name": "kernel-alt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:enterprise_mrg:2", "fix_state": "Will not fix", "package_name": "realtime-kernel", "product_name": "Red Hat Enterprise MRG 2"}], "public_date": "2017-08-03T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2017-12762\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-12762"], "statement": "This issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5, 6, 7 and Red Hat Enterprise MRG 2. This has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.", "threat_severity": "Low"}