Wind River Support Network

HomeDefectsLIN8-7182

Fixed

LIN8-7182 : Security Advisory - linux - CVE-2017-11600

Created: Jul 27, 2017 Updated: Dec 3, 2018

Resolved Date: Sep 18, 2017

Found In Version: 8.0.0.19

Fix Version: 8.0.0.22

Severity: Standard

Applicable for: Wind River Linux 8

Component/s: Kernel

Description

net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local users to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink message.

https://nvd.nist.gov/vuln/detail/CVE-2017-11600

Other Downloads

Wind River Linux 8.0.0.22
Wind River Linux 8.0.0.23
Wind River Linux 8.0.0.24
Wind River Linux 8.0.0.25
Wind River Linux 8.0.0.26
Wind River Linux 8.0.0.27
Wind River Linux 8.0.0.28
Wind River Linux 8.0.0.29
Wind River Linux 8.0.0.30
Wind River Linux 8.0.0.31
Wind River Linux 8.0.0.32
Wind River Linux 8.0.0.33
Wind River Linux 8.0.0.34

CVEs

CVE-2017-11600