Closed witchcraze closed 1 year ago
- CVE-2017-18017
- Suggested Configuration (ADD backports before 4.9)
- OR
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 3.2.0 up to (excluding) 3.2.99
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 3.3.0 up to (excluding) 3.10.108
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 3.11.0 up to (excluding) 3.16.54
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 3.17.0 up to (excluding) 3.18.60
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 3.19.0 up to (excluding) 4.1.43
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 4.2.0 up to (excluding) 4.4.76
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 4.5.0 up to (excluding) 4.9.36
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 4.10.0 up to (excluding) 4.11
- Reference
- https://github.com/torvalds/linux/commit/2638fd0f92d4397884fd991d8f4925cb3f081901 (4.11-rc7)
- https://www.kernel.org/pub//linux/kernel/v3.x/ChangeLog-3.2.99
- https://www.kernel.org/pub//linux/kernel/v3.x/ChangeLog-3.10.108
- https://www.kernel.org/pub//linux/kernel/v3.x/ChangeLog-3.16.54
- https://www.kernel.org/pub//linux/kernel/v3.x/ChangeLog-3.18.60
- https://www.kernel.org/pub//linux/kernel/v4.x/ChangeLog-4.1.43
- https://www.kernel.org/pub//linux/kernel/v4.x/ChangeLog-4.4.76
- https://www.kernel.org/pub//linux/kernel/v4.x/ChangeLog-4.9.36
- Reference (Commit)
- netfilter: xt_TCPMSS: add more sanity tests on tcph->doff
- Fixed by
- (2638fd0f92d4397884fd991d8f4925cb3f081901) (upstream)
- 3.10.108 (72d7b83afbc4659de5948c4cc33f5d7b47f09aa4)
- 3.16.54 (d2e769238e6079e1e16c856cc352b0061a111f1d)
- 3.18.60 (f4549a698a531c0014c62e40e521ffa030cf31e0)
- 3.2.99 (d84eeff84e9869d29f442ff652ce1352cfa63e84)
- 4.1.43 (a7776b8815a90da464f045f7c24d9565ae9f1963)
- 4.4.76 (234e649840d191379cd132d89f4b01a2495cfcc3)
- 4.9.36 (ced7689be60ddcac4b1746212c547e8817c5ae5e)
- I checked
- 2638fd0f92d4397884fd991d8f4925cb3f081901 is written as the upstream commit in each ChangeLog
- From the 2638fd0f92d4397884fd991d8f4925cb3f081901 commit page, 4.11-rc7 is the oldest in the commit-branches area
[CVE Configuration Update Request] Update Suggestion - CVE-2017-18017 - Cvss2 : 10
[CVE Configuration Update Request] Update Suggestion - CVE-2017-18017 - Cvss3 : 9.8
https://www.linuxkernelcves.com/cves/CVE-2017-18017
https://gitlab.com/cip-project/cip-kernel/cip-kernel-sec/-/blob/master/issues/CVE-2017-18017.yml
https://github.com/witchcraze/NVD_CHECK/blob/main/kernel/CVE-2017-18017.json