Vulnerability CVE-2017-18261


Published: 2018-04-19

Description:
The arch_timer_reg_read_stable macro in arch/arm64/include/asm/arch_timer.h in the Linux kernel before 4.13 allows local users to cause a denial of service (infinite recursion) by writing to a file under /sys/kernel/debug in certain circumstances, as demonstrated by a scenario involving debugfs, ftrace, PREEMPT_TRACER, and FUNCTION_GRAPH_TRACER.

Type:

CWE-399

(Resource Management Errors)

Vendor: Linux
Product: Linux kernel 
Version:
4.9.95
4.9.94
4.9.93
4.9.92
4.9.91
4.9.90
4.9.9
4.9.89
4.9.88
4.9.87
4.9.86
4.9.85
4.9.84
4.9.83
4.9.82
4.9.81
4.9.80
4.9.8
4.9.79
4.9.78
4.9.77
4.9.76
4.9.75
4.9.74
4.9.73
4.9.72
4.9.71
4.9.70
4.9.7
4.9.69
4.9.68
4.9.67
4.9.66
4.9.65
4.9.64
4.9.63
4.9.62
4.9.61
4.9.60
4.9.6
4.9.59
4.9.58
4.9.57
4.9.56
4.9.55
4.9.54
4.9.53
4.9.52
4.9.51
4.9.50
4.9.5
4.9.49
4.9.48
4.9.47
4.9.46
4.9.45
4.9.44
4.9.43
4.9.42
4.9.41
4.9.40
4.9.4
4.9.39
4.9.38
4.9.37
4.9.36
4.9.35
4.9.34
4.9.33
4.9.32
4.9.31
4.9.30
4.9.3
4.9.29
4.9.28
4.9.27
4.9.26
4.9.25
4.9.24
4.9.23
4.9.22
4.9.21
4.9.20
4.9.2
4.9.19
4.9.18
4.9.17
4.9.16
4.9.15
4.9.14
4.9.13
4.9.12
4.9.11
4.9.10
4.9.1
4.9
4.8.9
4.8.8
4.8.7
4.8.6
See more versions on NVD

CVSS2 => (AV:L/AC:L/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.9/10
6.9/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete

 References:
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=adb4f11e0a8f4e29900adb2b7af28b6bbd5c1fa4
https://github.com/torvalds/linux/commit/adb4f11e0a8f4e29900adb2b7af28b6bbd5c1fa4

Related CVE
CVE-2018-18710
An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds c...
CVE-2018-18690
In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_...
CVE-2018-6559
The Linux kernel, as used in Ubuntu 18.04 LTS and Ubuntu 18.10, allows local users to obtain names of files in which they would not normally be able to access via an overlayfs mount inside of a user namespace.
CVE-2018-18559
In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanout_add from setsockopt and bind on an AF_PACKET socket. This issue exists because of the 15fe076edea787807a7cdc168df832544b58eba6 incomplete fix for a ra...
CVE-2018-18386
drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ.
CVE-2018-18445
In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bi...
CVE-2018-14656
A missing address check in the callers of the show_opcodes() in the Linux kernel allows an attacker to dump the kernel memory at an arbitrary kernel address into the dmesg log.
CVE-2018-17977
The Linux kernel 4.14.67 mishandles certain interaction among XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP packets, which allows local users to cause a denial of service (memory consumption and system hang) by leveraging root access to e...

Copyright 2018, cxsecurity.com

 

Back to Top