The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.

Metrics

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Arista
  • Eos
Canonical
  • Ubuntu Linux
Debian
  • Debian Linux
F5
  • Arx
Linux
  • Linux Kernel
Openstack
  • Cloud Magnum Orchestration
Opensuse
  • Leap
Redhat
  • Enterprise Linux
  • Enterprise Linux Desktop
  • Enterprise Linux Eus
  • Enterprise Linux For Real Time
  • Enterprise Linux For Real Time For Nfv
  • Enterprise Linux Server
  • Enterprise Linux Server Aus
  • Enterprise Linux Server Tus
  • Enterprise Linux Workstation
  • Enterprise Mrg
  • Mrg Realtime
  • Rhel Eus
  • Rhel Extras Rt
Suse
  • Caas Platform
  • Linux Enterprise Debuginfo
  • Linux Enterprise Desktop
  • Linux Enterprise High Availability
  • Linux Enterprise High Availability Extension
  • Linux Enterprise Live Patching
  • Linux Enterprise Module For Public Cloud
  • Linux Enterprise Point Of Sale
  • Linux Enterprise Real Time Extension
  • Linux Enterprise Server
  • Linux Enterprise Software Development Kit
  • Linux Enterprise Workstation Extension
  • Openstack Cloud

Configuration 1 [-]

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 3 [-]

cpe:2.3:o:arista:eos:4.20.1fx-virtual-router:*:*:*:*:*:*:*

Configuration 4 [-]

cpe:2.3:a:f5:arx:*:*:*:*:*:*:*:*

Configuration 5 [-]

OR cpe:2.3:a:suse:caas_platform:*:*:*:*:*:*:*:*
cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:*
cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*
cpe:2.3:a:suse:linux_enterprise_module_for_public_cloud:12:*:*:*:*:*:*:*
cpe:2.3:a:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*
cpe:2.3:a:suse:openstack_cloud:6:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_high_availability:12:sp2:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_high_availability:12:sp3:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_high_availability_extension:11:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_live_patching:12:-:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_live_patching:12:sp3:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_real_time_extension:12:sp2:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_real_time_extension:12:sp3:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:ltss:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:sap:*:*
cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:ltss:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:12:sp2:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:12:sp2:*:*:*:*:raspberry_pi:*
cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:-:-:*:*
cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp2:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp3:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp2:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp3:*:*:*:*:*:*

Configuration 6 [-]

cpe:2.3:a:openstack:cloud_magnum_orchestration:7:*:*:*:*:*:*:*

Configuration 7 [-]

OR cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*

Configuration 8 [-]

OR cpe:2.3:a:redhat:mrg_realtime:2.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time:7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
Package CPE Advisory Released Date
Red Hat Enterprise Linux 6
kernel-0:2.6.32-696.28.1.el6 cpe:/o:redhat:enterprise_linux:6 RHSA-2018:1319 2018-05-08T00:00:00Z
Red Hat Enterprise Linux 7
kernel-rt-0:3.10.0-862.rt56.804.el7 cpe:/a:redhat:rhel_extras_rt:7 RHSA-2018:0676 2018-04-10T00:00:00Z
kernel-0:3.10.0-862.el7 cpe:/o:redhat:enterprise_linux:7 RHSA-2018:1062 2018-04-10T00:00:00Z
Red Hat Enterprise Linux 7.3 Extended Update Support
kernel-0:3.10.0-514.51.1.el7 cpe:/o:redhat:rhel_eus:7.3 RHSA-2018:1737 2018-05-29T00:00:00Z
Red Hat Enterprise Linux 7.4 Extended Update Support
kernel-0:3.10.0-693.25.2.el7 cpe:/o:redhat:rhel_eus:7.4 RHSA-2018:1130 2018-04-17T00:00:00Z
Red Hat Enterprise MRG 2
kernel-rt-1:3.10.0-693.25.2.rt56.612.el6rt cpe:/a:redhat:enterprise_mrg:2:server:el6 RHSA-2018:1170 2018-04-17T00:00:00Z
References
Link Providers
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2638fd0f92d4397884fd991d8f4925cb3f081901 cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00008.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00013.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00015.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00038.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00047.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00030.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00067.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00070.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00072.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2018-04/msg00014.html cve-icon cve-icon
http://patchwork.ozlabs.org/patch/746618/ cve-icon cve-icon
http://www.securityfocus.com/bid/102367 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-3583-1 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-3583-2 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2018:0676 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2018:1062 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2018:1130 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2018:1170 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2018:1319 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2018:1737 cve-icon cve-icon
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1739765 cve-icon cve-icon
https://github.com/torvalds/linux/commit/2638fd0f92d4397884fd991d8f4925cb3f081901 cve-icon cve-icon
https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0 cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html cve-icon cve-icon
https://lkml.org/lkml/2017/4/2/13 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2017-18017 cve-icon
https://security.netapp.com/advisory/ntap-20250103-0010/ cve-icon
https://support.f5.com/csp/article/K18352029 cve-icon cve-icon
https://usn.ubuntu.com/3583-1/ cve-icon cve-icon
https://usn.ubuntu.com/3583-2/ cve-icon cve-icon
https://www.arista.com/en/support/advisories-notices/security-advisories/4577-security-advisory-34 cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2017-18017 cve-icon
https://www.debian.org/security/2018/dsa-4187 cve-icon cve-icon
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.36 cve-icon cve-icon
History

Fri, 03 Jan 2025 12:45:00 +0000

Type Values Removed Values Added
References
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-01-03T06:00:00

Updated: 2025-01-03T12:04:18.715Z

Reserved: 2018-01-03T00:00:00

Link: CVE-2017-18017

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-01-03T06:29:00.517

Modified: 2025-01-03T12:15:25.113

Link: CVE-2017-18017

cve-icon Redhat

Severity : Moderate

Publid Date: 2018-01-03T00:00:00Z

Links: CVE-2017-18017 - Bugzilla