Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2017-7477

UNKNOWN
Published 2017-04-25T14:00:00
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2017-7477. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

Heap-based buffer overflow in drivers/net/macsec.c in the MACsec module in the Linux kernel through 4.10.12 allows attackers to cause a denial of service or possibly have unspecified other impact by leveraging the use of a MAX_SKB_FRAGS+1 size in conjunction with the NETIF_F_FRAGLIST feature, leading to an error in the skb_to_sgvec function.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-rj7x-xw78-6fjw

Advisory Details

Heap-based buffer overflow in drivers/net/macsec.c in the MACsec module in the Linux kernel through 4.10.12 allows attackers to cause a denial of service or possibly have unspecified other impact by leveraging the use of a MAX_SKB_FRAGS+1 size in conjunction with the NETIF_F_FRAGLIST feature, leading to an error in the skb_to_sgvec function.

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2017-7477
WEB https://access.redhat.com/errata/RHSA-2017:1615
WEB https://access.redhat.com/errata/RHSA-2017:1616
WEB https://access.redhat.com/security/cve/CVE-2017-7477
WEB https://bugzilla.redhat.com/show_bug.cgi?id=1445207
WEB https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=4d6fa57b4dab0d77f4d8e9d9c73d1e63f6fe8fee
WEB https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=5294b83086cc1c35b4efeca03644cf9d12282e5b
WEB http://www.securityfocus.com/bid/98014
WEB http://www.securitytracker.com/id/1038500

Advisory provided by GitHub Security Advisory Database. Published: May 14, 2022, Modified: May 14, 2022

References

https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=4d6fa57b4dab0d77f4d8e9d9c73d1e63f6fe8fee
http://www.securitytracker.com/id/1038500
https://access.redhat.com/errata/RHSA-2017:1615
https://access.redhat.com/errata/RHSA-2017:1616
https://bugzilla.redhat.com/show_bug.cgi?id=1445207
https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=5294b83086cc1c35b4efeca03644cf9d12282e5b
http://www.securityfocus.com/bid/98014
Published: 2017-04-25T14:00:00
Last Modified: 2024-08-05T16:04:11.423Z
Copied to clipboard!