First Last Prev Next    This bug is not in your last search results.
Bug 1071693 - (CVE-2017-17448) VUL-0: CVE-2017-17448: kernel: net/netfilter/nfnetlink_cthelper.c does not require the CAP_NET_ADMIN capability for new, get, and del operations
(CVE-2017-17448)
VUL-0: CVE-2017-17448: kernel: net/netfilter/nfnetlink_cthelper.c does not re...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/196291/
CVSSv3:SUSE:CVE-2017-17448:5.7:(AV:L/...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-12-07 09:34 UTC by Johannes Segitz
Modified: 2019-08-15 13:47 UTC (History)
6 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Johannes Segitz 2017-12-07 09:34:29 UTC 
CVE-2017-17448

net/netfilter/nfnetlink_cthelper.c in the Linux kernel through 4.14.4 does not
require the CAP_NET_ADMIN capability for new, get, and del operations, which
allows local users to bypass intended access restrictions because the
nfnl_cthelper_list data structure is shared across all net namespaces.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17448
http://www.cvedetails.com/cve/CVE-2017-17448/
https://patchwork.kernel.org/patch/10089373/
Comment 2 Michal Kubeček 2017-12-11 15:36:53 UTC 
The fix is in git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf.git
(nf tree) as commit

  4b380c42f7d0  netfilter: nfnetlink_cthelper: Add missing permission checks

The issue seems to exist since the interface was introduced in v3.6-rc1 by

  12f7a505331e  netfilter: add user-space connection tracking helper
                infrastructure
Comment 3 Michal Kubeček 2017-12-13 08:20:42 UTC 
The fix is now present in or submitted to (*) all relevant branches:

  stable                  a208c29d5e30
  SLE15                   b16758e6733e *
  SLE12-SP3               60de6b3f12c3
  SLE12-SP2               848d4a780a77
  cve/linux-3.12          9cc396a0e127 *

Reassigning to security team.
Comment 4 Swamp Workflow Management 2017-12-13 17:20:32 UTC 
This is an autogenerated message for OBS integration:
This bug (1071693) was mentioned in
https://build.opensuse.org/request/show/556738 42.2 / kernel-source
https://build.opensuse.org/request/show/556740 42.3 / kernel-source
Comment 5 Swamp Workflow Management 2017-12-18 11:18:48 UTC 
openSUSE-SU-2017:3358-1: An update that solves 16 vulnerabilities and has 67 fixes is now available.

Category: security (important)
Bug References: 1010201,1012382,1012829,1017461,1021424,1022595,1022914,1024412,1027301,1030061,1031717,1037890,1046107,1050060,1050231,1053919,1056003,1056365,1056427,1056979,1057199,1058135,1060333,1060682,1061756,1062941,1063026,1063516,1064701,1064926,1065180,1065600,1065639,1065692,1065717,1065866,1066045,1066192,1066213,1066223,1066285,1066382,1066470,1066471,1066472,1066573,1066606,1066629,1067105,1067132,1067494,1067888,1068671,1068978,1068980,1068982,1069270,1069496,1069702,1069793,1069942,1069996,1070006,1070145,1070535,1070767,1070771,1070805,1070825,1070964,1071231,1071693,1071694,1071695,1071833,963575,964944,966170,966172,974590,979928,989261,996376
CVE References: CVE-2017-1000405,CVE-2017-1000410,CVE-2017-11600,CVE-2017-12193,CVE-2017-15115,CVE-2017-16528,CVE-2017-16536,CVE-2017-16537,CVE-2017-16646,CVE-2017-16939,CVE-2017-16994,CVE-2017-17448,CVE-2017-17449,CVE-2017-17450,CVE-2017-7482,CVE-2017-8824
Sources used:
openSUSE Leap 42.2 (src):    kernel-debug-4.4.103-18.41.1, kernel-default-4.4.103-18.41.1, kernel-docs-4.4.103-18.41.1, kernel-obs-build-4.4.103-18.41.1, kernel-obs-qa-4.4.103-18.41.1, kernel-source-4.4.103-18.41.1, kernel-syms-4.4.103-18.41.1, kernel-vanilla-4.4.103-18.41.1
Comment 6 Swamp Workflow Management 2017-12-18 11:38:46 UTC 
openSUSE-SU-2017:3359-1: An update that solves 17 vulnerabilities and has 136 fixes is now available.

Category: security (important)
Bug References: 1010201,1012382,1012523,1015336,1015337,1015340,1015342,1015343,1019675,1020412,1020645,1022595,1022607,1024346,1024373,1024376,1024412,1031717,1032150,1036489,1036800,1037404,1037838,1038299,1039542,1040073,1041873,1042268,1042957,1042977,1042978,1043017,1045404,1046054,1046107,1047901,1047989,1048317,1048327,1048356,1050060,1050231,1051406,1051635,1051987,1052384,1053309,1053919,1055272,1056003,1056365,1056427,1056587,1056596,1056652,1056979,1057079,1057199,1057820,1058413,1059639,1060333,1061756,1062496,1062835,1062941,1063026,1063349,1063516,1064206,1064320,1064591,1064597,1064606,1064701,1064926,1065101,1065180,1065600,1065639,1065692,1065717,1065866,1065959,1066045,1066175,1066192,1066213,1066223,1066285,1066382,1066470,1066471,1066472,1066573,1066606,1066629,1066660,1066696,1066767,1066812,1066974,1067105,1067132,1067225,1067494,1067734,1067735,1067888,1067906,1068671,1068978,1068980,1068982,1069152,1069250,1069270,1069277,1069484,1069496,1069583,1069702,1069721,1069793,1069879,1069916,1069942,1069996,1070001,1070006,1070145,1070169,1070404,1070535,1070767,1070771,1070805,1070825,1070964,1071693,1071694,1071695,1071833,1072589,744692,789311,964944,966170,966172,969470,979928,989261,996376
CVE References: CVE-2017-1000405,CVE-2017-1000410,CVE-2017-11600,CVE-2017-12193,CVE-2017-15115,CVE-2017-16528,CVE-2017-16536,CVE-2017-16537,CVE-2017-16645,CVE-2017-16646,CVE-2017-16939,CVE-2017-16994,CVE-2017-17448,CVE-2017-17449,CVE-2017-17450,CVE-2017-7482,CVE-2017-8824
Sources used:
openSUSE Leap 42.3 (src):    kernel-debug-4.4.103-36.1, kernel-default-4.4.103-36.1, kernel-docs-4.4.103-36.1, kernel-obs-build-4.4.103-36.1, kernel-obs-qa-4.4.103-36.1, kernel-source-4.4.103-36.1, kernel-syms-4.4.103-36.1, kernel-vanilla-4.4.103-36.1
Comment 7 Swamp Workflow Management 2017-12-21 17:30:54 UTC 
SUSE-SU-2017:3398-1: An update that solves 15 vulnerabilities and has 136 fixes is now available.

Category: security (important)
Bug References: 1010201,1012382,1012523,1015336,1015337,1015340,1015342,1015343,1019675,1020412,1020645,1022595,1022607,1024346,1024373,1024376,1024412,1031717,1032150,1036489,1036800,1037404,1037838,1038299,1039542,1040073,1041873,1042268,1042957,1042977,1042978,1043017,1045404,1046054,1046107,1047901,1047989,1048317,1048327,1048356,1050060,1050231,1051406,1051635,1051987,1052384,1053309,1053919,1055272,1056003,1056365,1056427,1056587,1056596,1056652,1056979,1057079,1057199,1057820,1058413,1059639,1060333,1061756,1062496,1062835,1062941,1063026,1063349,1063516,1064206,1064320,1064591,1064597,1064606,1064701,1064926,1065101,1065180,1065600,1065639,1065692,1065717,1065866,1065959,1066045,1066175,1066192,1066213,1066223,1066285,1066382,1066470,1066471,1066472,1066573,1066606,1066629,1066660,1066696,1066767,1066812,1066974,1067105,1067132,1067225,1067494,1067734,1067735,1067888,1067906,1068671,1068978,1068980,1068982,1069152,1069250,1069270,1069277,1069484,1069583,1069721,1069793,1069879,1069916,1069942,1069996,1070001,1070006,1070145,1070169,1070404,1070535,1070767,1070771,1070805,1070825,1070964,1071693,1071694,1071695,1071833,1072589,744692,789311,964944,966170,966172,969470,979928,989261,996376
CVE References: CVE-2017-1000410,CVE-2017-11600,CVE-2017-12193,CVE-2017-15115,CVE-2017-16528,CVE-2017-16536,CVE-2017-16537,CVE-2017-16645,CVE-2017-16646,CVE-2017-16994,CVE-2017-17448,CVE-2017-17449,CVE-2017-17450,CVE-2017-7482,CVE-2017-8824
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP3 (src):    kernel-default-4.4.103-6.33.1
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    kernel-docs-4.4.103-6.33.1, kernel-obs-build-4.4.103-6.33.1
SUSE Linux Enterprise Server 12-SP3 (src):    kernel-default-4.4.103-6.33.1, kernel-source-4.4.103-6.33.1, kernel-syms-4.4.103-6.33.1
SUSE Linux Enterprise Live Patching 12-SP3 (src):    kgraft-patch-SLE12-SP3_Update_6-1-4.3.1
SUSE Linux Enterprise High Availability 12-SP3 (src):    kernel-default-4.4.103-6.33.1
SUSE Linux Enterprise Desktop 12-SP3 (src):    kernel-default-4.4.103-6.33.1, kernel-source-4.4.103-6.33.1, kernel-syms-4.4.103-6.33.1
SUSE Container as a Service Platform ALL (src):    kernel-default-4.4.103-6.33.1
Comment 8 Swamp Workflow Management 2017-12-21 23:20:44 UTC 
SUSE-SU-2017:3410-1: An update that solves 16 vulnerabilities and has 92 fixes is now available.

Category: security (important)
Bug References: 1010201,1012382,1012829,1017461,1020645,1021424,1022595,1022600,1022914,1024412,1025461,1027301,1028971,1030061,1031717,1034048,1037890,1046107,1050060,1050231,1053919,1055567,1056003,1056365,1056427,1056979,1057199,1058135,1059863,1060333,1060682,1060985,1061451,1061756,1062520,1062941,1062962,1063026,1063460,1063475,1063501,1063509,1063516,1063520,1063695,1064206,1064701,1064926,1065180,1065600,1065639,1065692,1065717,1065866,1066045,1066192,1066213,1066223,1066285,1066382,1066470,1066471,1066472,1066573,1066606,1066629,1067105,1067132,1067494,1067888,1068671,1068978,1068980,1068982,1069270,1069793,1069942,1069996,1070006,1070145,1070535,1070767,1070771,1070805,1070825,1070964,1071231,1071693,1071694,1071695,1071833,963575,964944,966170,966172,966186,966191,966316,966318,969474,969475,969476,969477,971975,974590,979928,989261,996376
CVE References: CVE-2017-1000410,CVE-2017-11600,CVE-2017-12193,CVE-2017-15115,CVE-2017-15265,CVE-2017-16528,CVE-2017-16536,CVE-2017-16537,CVE-2017-16645,CVE-2017-16646,CVE-2017-16994,CVE-2017-17448,CVE-2017-17449,CVE-2017-17450,CVE-2017-7482,CVE-2017-8824
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP2 (src):    kernel-default-4.4.103-92.53.1
SUSE Linux Enterprise Software Development Kit 12-SP2 (src):    kernel-docs-4.4.103-92.53.1, kernel-obs-build-4.4.103-92.53.1
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src):    kernel-default-4.4.103-92.53.1, kernel-source-4.4.103-92.53.1, kernel-syms-4.4.103-92.53.1
SUSE Linux Enterprise Server 12-SP2 (src):    kernel-default-4.4.103-92.53.1, kernel-source-4.4.103-92.53.1, kernel-syms-4.4.103-92.53.1
SUSE Linux Enterprise Live Patching 12 (src):    kgraft-patch-SLE12-SP2_Update_16-1-3.3.1
SUSE Linux Enterprise High Availability 12-SP2 (src):    kernel-default-4.4.103-92.53.1
SUSE Linux Enterprise Desktop 12-SP2 (src):    kernel-default-4.4.103-92.53.1, kernel-source-4.4.103-92.53.1, kernel-syms-4.4.103-92.53.1
OpenStack Cloud Magnum Orchestration 7 (src):    kernel-default-4.4.103-92.53.1
Comment 9 Swamp Workflow Management 2018-01-05 20:10:24 UTC 
SUSE-SU-2018:0031-1: An update that solves 14 vulnerabilities and has three fixes is now available.

Category: security (important)
Bug References: 1012422,1045205,1050231,1066569,1066693,1067678,1068032,1068671,1070771,1070781,1071074,1071470,1071693,1071694,1071695,1072561,1072876
CVE References: CVE-2017-11600,CVE-2017-13167,CVE-2017-15115,CVE-2017-15868,CVE-2017-16534,CVE-2017-16538,CVE-2017-17448,CVE-2017-17449,CVE-2017-17450,CVE-2017-17558,CVE-2017-5715,CVE-2017-5753,CVE-2017-5754,CVE-2017-8824
Sources used:
SUSE OpenStack Cloud 6 (src):    kernel-default-3.12.74-60.64.69.1, kernel-source-3.12.74-60.64.69.1, kernel-syms-3.12.74-60.64.69.1, kernel-xen-3.12.74-60.64.69.1, kgraft-patch-SLE12-SP1_Update_24-1-2.3.1
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    kernel-default-3.12.74-60.64.69.1, kernel-source-3.12.74-60.64.69.1, kernel-syms-3.12.74-60.64.69.1, kernel-xen-3.12.74-60.64.69.1, kgraft-patch-SLE12-SP1_Update_24-1-2.3.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    kernel-default-3.12.74-60.64.69.1, kernel-source-3.12.74-60.64.69.1, kernel-syms-3.12.74-60.64.69.1, kernel-xen-3.12.74-60.64.69.1, kgraft-patch-SLE12-SP1_Update_24-1-2.3.1
SUSE Linux Enterprise Module for Public Cloud 12 (src):    kernel-ec2-3.12.74-60.64.69.1
Comment 10 Swamp Workflow Management 2018-01-16 20:11:22 UTC 
SUSE-SU-2018:0115-1: An update that solves 14 vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1045205,1050231,1066569,1066693,1068032,1068671,1070771,1070781,1071074,1071470,1071693,1071694,1071695,1072561,1072876
CVE References: CVE-2017-11600,CVE-2017-13167,CVE-2017-15115,CVE-2017-15868,CVE-2017-16534,CVE-2017-16538,CVE-2017-17448,CVE-2017-17449,CVE-2017-17450,CVE-2017-17558,CVE-2017-5715,CVE-2017-5753,CVE-2017-5754,CVE-2017-8824
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src):    kernel-default-3.12.61-52.111.1, kernel-source-3.12.61-52.111.1, kernel-syms-3.12.61-52.111.1, kernel-xen-3.12.61-52.111.1
SUSE Linux Enterprise Module for Public Cloud 12 (src):    kernel-ec2-3.12.61-52.111.1
Comment 11 Swamp Workflow Management 2018-01-25 14:21:21 UTC 
SUSE-SU-2018:0213-1: An update that solves 22 vulnerabilities and has 72 fixes is now available.

Category: security (important)
Bug References: 1010201,1012382,1012829,1012917,1021424,1022476,1022595,1024412,1027301,1031717,1039616,1046107,1047487,1050060,1050231,1056003,1056365,1056427,1056979,1057199,1060333,1060682,1061756,1062941,1063026,1063043,1063516,1064311,1064926,1065180,1065600,1065639,1065692,1065717,1065866,1066045,1066192,1066213,1066223,1066285,1066382,1066470,1066471,1066472,1066573,1066606,1066629,1067105,1067132,1067494,1067888,1068032,1068671,1068951,1068978,1068980,1068982,1069270,1069496,1069702,1069793,1069942,1069996,1070006,1070145,1070535,1070767,1070771,1070805,1070825,1070964,1071009,1071231,1071693,1071694,1071695,1071833,1072556,1072962,1073090,1073792,1073809,1073874,1073912,1074392,1074709,963575,964063,964944,966170,966172,969470,979928,989261
CVE References: CVE-2017-1000405,CVE-2017-1000410,CVE-2017-11600,CVE-2017-12193,CVE-2017-15115,CVE-2017-16528,CVE-2017-16536,CVE-2017-16537,CVE-2017-16645,CVE-2017-16646,CVE-2017-16939,CVE-2017-16994,CVE-2017-17448,CVE-2017-17449,CVE-2017-17450,CVE-2017-17805,CVE-2017-17806,CVE-2017-5715,CVE-2017-5753,CVE-2017-5754,CVE-2017-7482,CVE-2017-8824
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP2 (src):    kernel-rt-4.4.104-24.1, kernel-rt_debug-4.4.104-24.1, kernel-source-rt-4.4.104-24.1, kernel-syms-rt-4.4.104-24.1
Comment 12 Marcus Meissner 2018-02-09 07:57:48 UTC 
released
First Last Prev Next    This bug is not in your last search results.