Bug 1077402 - (CVE-2017-18075) VUL-0: CVE-2017-18075: kernel-source: crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing instances,allowing a local user able to access the AF_ALG-based AEAD interface(CONFIG_CRYPTO_USER_API_AEAD) and pcrypt (CONFIG_CRY
(CVE-2017-18075)
VUL-0: CVE-2017-18075: kernel-source: crypto/pcrypt.c in the Linux kernel bef...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Major
: ---
Assigned To: Torsten Duwe
Security Team bot
https://smash.suse.de/issue/198879/
CVSSv3:SUSE:CVE-2017-18075:7.4:(AV:L/...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2018-01-24 12:58 UTC by Marcus Meissner
Modified: 2022-03-04 20:24 UTC (History)
4 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2018-01-24 12:58:41 UTC
CVE-2017-18075

crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing instances,
allowing a local user able to access the AF_ALG-based AEAD interface
(CONFIG_CRYPTO_USER_API_AEAD) and pcrypt (CONFIG_CRYPTO_PCRYPT) to cause a
denial of service (kfree of an incorrect pointer) or possibly have unspecified
other impact by executing a crafted sequence of system calls.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-18075
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18075
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.13
https://github.com/torvalds/linux/commit/d76c68109f37cb85b243a1cf0f40313afd2bae68
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d76c68109f37cb85b243a1cf0f40313afd2bae68
Comment 1 Marcus Meissner 2018-01-24 13:01:38 UTC
seems 4.2 and newer kernels are affected, so SLES 12 SP2 and newer.
Comment 3 Torsten Duwe 2018-02-09 17:02:33 UTC
SLE15: done
Comment 5 Marcus Meissner 2018-08-29 08:58:32 UTC
patches.kernel.org/4.4.111-005-crypto-pcrypt-fix-freeing-pcrypt-instances.patch
Comment 6 Marcus Meissner 2018-08-29 08:59:38 UTC
this is included in sle12 sp2 and sp3, older ones are not affected.