PT-2017-2348 · Linux+5 · Linux Kernel+5

Brad Spengler

Published

2017-04-12

Updated

2023-02-14

CVE-2017-7889

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 3.3

Description The issue is related to the mm subsystem in the Linux kernel, which does not properly enforce the CONFIG STRICT DEVMEM protection mechanism. This allows local users to read or write to kernel memory locations in the first megabyte, bypassing slab-allocation access restrictions, by opening the /dev/mem file. The affected files are arch/x86/mm/init.c and drivers/char/mem.c.

Recommendations For Linux kernel versions prior to 3.3, consider restricting access to the /dev/mem file as a temporary workaround until a patch is available. Additionally, review system configurations to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Access Control

Incorrect Permission

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284CWE-732

Related Identifiers

ALT-PU-2017-1507

ALT-PU-2017-1508

BDU:2017-01547

CESA-2017_1842

CESA-2018_1854

CVE-2017-7889

DLA-1099-1

DSA-3945-1

RHSA-2017:1842

RHSA-2017:2077

RHSA-2017:2669

RHSA-2017_1842

RHSA-2017_2077

RHSA-2018:1854

RHSA-2018_1854

SUSE-SU-2017:2908-1

SUSE-SU-2017:2920-1

USN-3312-1

USN-3312-2

USN-3314-1

USN-3361-1

USN-3583-1

USN-3583-2

Affected Products

Alt Linux

Centos

Linux Kernel

Red Hat

Suse

Ubuntu

PT-2017-2348 · Linux+5 · Linux Kernel+5

CVE-2017-7889

Weakness Enumeration

Related Identifiers

Affected Products

References · 249