PT-2017-3739 · Linux · Linux Kernel

Shi Lei · Published 2017-04-27 · Updated 2023-02-14 · CVE-2017-7482

CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.12
Description: The flaw lies in the Linux kernel's implementation of the Kerberos 5 protocol, specifically in its handling of RXRPC keys. Decoding a Kerberos 5 ticket can overflow a buffer and corrupt kernel memory, which may allow an attacker to elevate their privileges or cause a denial of service.
Recommendations: For Linux kernel versions prior to 4.12, update to version 4.12 or later. As a temporary workaround until a patch can be applied, restrict access to the Kerberos 5 protocol or disable the use of RXRPC keys.
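The defect class behind this advisory is a length field taken from untrusted key material driving a copy beyond the buffer that holds it. The following is an added example, constructed for this page and not the Linux kernel's RXRPC key code or the patch for CVE-2017-7482: a decoder for a simple XDR-style stream of length-prefixed fields (the general shape in which ticket material is packed into a key payload), with the checks that reject a field claiming more bytes than remain, a field larger than its destination slot, and a stream that ends inside a length word. The field layout, size limits and sample payloads are all assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed example, not kernel code: a stream of 4-byte big-endian length
 * words, each followed by that many bytes of field data, is decoded into a
 * fixed array of fixed-size slots. */

#define MAX_FIELDS     8
#define MAX_FIELD_LEN 64

struct field {
    size_t  len;
    uint8_t data[MAX_FIELD_LEN];
};

static uint32_t read_be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* Decode every field in buf[0..buflen). Returns the number of fields decoded,
 * or -1 if the stream is malformed. Every length read from the untrusted input
 * is validated against the bytes that actually remain and against the capacity
 * of the destination before a single byte is copied. */
int decode_fields(const uint8_t *buf, size_t buflen,
                  struct field *out, size_t max_out)
{
    size_t off = 0;
    size_t n = 0;

    while (off < buflen) {
        /* A length word needs 4 bytes; a shorter tail is a truncated stream. */
        if (buflen - off < 4)
            return -1;
        uint32_t len = read_be32(buf + off);
        off += 4;

        /* The overflow case: the field claims more bytes than remain. Comparing
         * len against the remaining count, rather than computing off + len,
         * cannot wrap whatever the integer widths involved. */
        if (len > buflen - off)
            return -1;
        /* Destination capacity: the field must fit its fixed-size slot. */
        if (len > MAX_FIELD_LEN)
            return -1;
        if (n >= max_out)
            return -1;

        out[n].len = len;
        memcpy(out[n].data, buf + off, len);
        off += len;
        n++;
    }
    return (int)n;
}

/* Constructed sample payloads. */
static const uint8_t well_formed[] = {
    0x00, 0x00, 0x00, 0x03, 'a', 'b', 'c',   /* field 0: "abc" */
    0x00, 0x00, 0x00, 0x02, 'x', 'y'         /* field 1: "xy"  */
};
/* Claims a 16-byte field when only 2 bytes follow the length word. */
static const uint8_t oversized_claim[] = { 0x00, 0x00, 0x00, 0x10, 'a', 'b' };
/* Ends in the middle of a length word. */
static const uint8_t truncated[] = { 0x00, 0x00, 0x00 };

int demo_well_formed(void)
{
    struct field f[MAX_FIELDS];
    int n = decode_fields(well_formed, sizeof well_formed, f, MAX_FIELDS);
    /* 2 fields, the second being "xy"; -2 if the decoded content is wrong. */
    return (n == 2 && f[1].len == 2 && memcmp(f[1].data, "xy", 2) == 0) ? 2 : -2;
}

int demo_oversized(void)
{
    struct field f[MAX_FIELDS];
    return decode_fields(oversized_claim, sizeof oversized_claim, f, MAX_FIELDS);
}

int demo_truncated(void)
{
    struct field f[MAX_FIELDS];
    return decode_fields(truncated, sizeof truncated, f, MAX_FIELDS);
}

int main(void)
{
    printf("well-formed: %d fields\n", demo_well_formed());   /* 2  */
    printf("oversized claim: %d\n", demo_oversized());        /* -1 */
    printf("truncated: %d\n", demo_truncated());              /* -1 */
    return 0;
}
```

The rejection of the oversized claim is the check whose absence turns a malformed key payload into a kernel memory write; the remaining-bytes comparison is written so that it stays correct even when the length word is near the top of its range.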

Weakness Enumeration

Integer Overflow

Related Identifiers

ALT-PU-2017-1817
ALT-PU-2017-1854
BDU:2019-00227
CVE-2017-7482
DLA-1099-1
DSA-3927-1
DSA-3945-1
OPENSUSE-SU-2017_3358-1
OPENSUSE-SU-2017_3359-1
RHSA-2019:0641
SUSE-SU-2017:2342-1
SUSE-SU-2017:2389-1
SUSE-SU-2017:2525-1
SUSE-SU-2017:2908-1
SUSE-SU-2017:2920-1
SUSE-SU-2017:3398-1
SUSE-SU-2017:3410-1
SUSE-SU-2018:0213-1
USN-3377-1
USN-3377-2
USN-3378-1
USN-3378-2
USN-3381-1
USN-3381-2

Affected Products

Alt Linux
Linux Kernel
Suse
Ubuntu