OpenCVE

A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.12. A lack of size check could cause a denial of service (BUG).

No CVSS v4.0

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:L/AC:L/Au:N/C:N/I:N/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel
Redhat	Enterprise Linux Enterprise Mrg

Configuration 1 [-]

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_mrg:2.0:::::::*

No data.

References

Link	Providers
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1e3921471354244f70fe268586ff94a97a6dd4df
https://access.redhat.com/security/cve/CVE-2017-15128
https://bugzilla.redhat.com/show_bug.cgi?id=1525222
https://github.com/torvalds/linux/commit/1e3921471354244f70fe268586ff94a97a6dd4df
https://nvd.nist.gov/vuln/detail/CVE-2017-15128
https://www.cve.org/CVERecord?id=CVE-2017-15128
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.12

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2018-01-14T06:00:00

Updated: 2024-08-05T19:50:16.308Z

Reserved: 2017-10-08T00:00:00

Link: CVE-2017-15128

Vulnrichment

No data.

NVD

Status : Modified

Published: 2018-01-14T06:29:00.297

Modified: 2024-11-21T03:14:07.597

Link: CVE-2017-15128

Redhat

Severity : Moderate

Publid Date: 2017-12-08T00:00:00Z

Links: CVE-2017-15128 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "Linux kernel before 4.13.12", "vendor": "n/a", "versions": [{"status": "affected", "version": "Linux kernel before 4.13.12"}]}], "datePublic": "2018-01-14T00:00:00", "descriptions": [{"lang": "en", "value": "A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.12. A lack of size check could cause a denial of service (BUG)."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-119", "description": "CWE-119", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2018-01-14T05:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.12"}, {"tags": ["x_refsource_MISC"], "url": "https://access.redhat.com/security/cve/CVE-2017-15128"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1525222"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/torvalds/linux/commit/1e3921471354244f70fe268586ff94a97a6dd4df"}, {"tags": ["x_refsource_MISC"], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1e3921471354244f70fe268586ff94a97a6dd4df"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T19:50:16.308Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.12"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://access.redhat.com/security/cve/CVE-2017-15128"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1525222"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/torvalds/linux/commit/1e3921471354244f70fe268586ff94a97a6dd4df"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1e3921471354244f70fe268586ff94a97a6dd4df"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2017-15128", "datePublished": "2018-01-14T06:00:00", "dateReserved": "2017-10-08T00:00:00", "dateUpdated": "2024-08-05T19:50:16.308Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "3AB470D9-2EFD-4F2C-838A-EF9815166D69", "versionEndIncluding": "4.13.11", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C60FA8B1-1802-4522-A088-22171DCF7A93", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.12. A lack of size check could cause a denial of service (BUG)."}, {"lang": "es", "value": "Se encontr\u00f3 un error en la funci\u00f3n hugetlb_mcopy_atomic_pte en mm/hugetlb.c en el kernel de Linux en versiones anteriores a la 4.13.12. La falta de comprobaci\u00f3n de tama\u00f1o podr\u00eda provocar una denegaci\u00f3n de servicio (error)."}], "id": "CVE-2017-15128", "lastModified": "2024-11-21T03:14:07.597", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-01-14T06:29:00.297", "references": [{"source": "secalert@redhat.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1e3921471354244f70fe268586ff94a97a6dd4df"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2017-15128"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1525222"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/torvalds/linux/commit/1e3921471354244f70fe268586ff94a97a6dd4df"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Release Notes", "Vendor Advisory"], "url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.12"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1e3921471354244f70fe268586ff94a97a6dd4df"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2017-15128"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1525222"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/torvalds/linux/commit/1e3921471354244f70fe268586ff94a97a6dd4df"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Release Notes", "Vendor Advisory"], "url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.12"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "secalert@redhat.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: Out of bound access in hugetlb_mcopy_atomic_pte function in mm/hugetlb.c", "id": "1525222", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1525222"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.7", "cvss3_scoring_vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-119", "details": ["A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.12. A lack of size check could cause a denial of service (BUG).", "A flaw was found in the Linux kernel where a local user with a shell account can abuse the userfaultfd syscall when using hugetlbfs. A missing size check in hugetlb_mcopy_atomic_pte could create an invalid inode variable, leading to a kernel panic."], "name": "CVE-2017-15128", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-alt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/a:redhat:enterprise_mrg:2", "fix_state": "Affected", "package_name": "realtime-kernel", "product_name": "Red Hat Enterprise MRG 2"}], "public_date": "2017-12-08T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2017-15128\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-15128"], "statement": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6 and kernel-alt.\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7, realtime and MRG-2. Future Linux kernel updates for the respective releases may address this issue.", "threat_severity": "Moderate"}