Linux Kernel CVE-2017-7184 Local Privilege Escalation Vulnerability



Linux kernel is prone to a local privilege-escalation vulnerability.

Local attackers may exploit this issue to gain root privileges.

Linux Kernel version 4.8 is vulnerable; other versions may also be affected.

Information

Bugtraq ID: 97018
Class: Design Error
CVE: CVE-2017-7184

Remote: No
Local: Yes
Published: Mar 16 2017 12:00AM
Updated: May 25 2017 03:00PM
Credit: Chaitin Security Research Lab
Vulnerable: Ubuntu Ubuntu Linux 16.10
Ubuntu Ubuntu Linux 16.04 LTS
Ubuntu Ubuntu Linux 14.04 LTS
Ubuntu Ubuntu Linux 12.04 LTS
Ubuntu linux-meta package 4.8.0.41.52
SuSE Linux Enterprise Workstation Extension 12 SP1
SuSE Linux Enterprise Software Development Kit 12 SP2
SuSE Linux Enterprise Software Development Kit 12 SP1
SuSE Linux Enterprise Server for SAP 12
SuSE Linux Enterprise Server for Raspberry Pi 12-SP2
SuSE Linux Enterprise Server 12-SP2
SuSE Linux Enterprise Server 12-SP1
SuSE Linux Enterprise Server 12-LTSS
SuSE Linux Enterprise Module for Public Cloud 12
SuSE Linux Enterprise Live Patching 12
SuSE Linux Enterprise High Availability 12-SP2
SuSE Linux Enterprise Desktop 12-SP2
SuSE Linux Enterprise Desktop 12-SP1
Redhat Enterprise Mrg 2
Redhat Enterprise Linux 7
Redhat Enterprise Linux 6
+ Trustix Secure Enterprise Linux 2.0
+ Trustix Secure Linux 2.2
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
Redhat Enterprise Linux 5
Oracle Enterprise Linux 6.2
Oracle Enterprise Linux 6
openSUSE Leap 42.1
OpenStack Cloud Magnum Orchestration 7
Linux kernel 4.8
Google Pixel XL 0
Google Pixel C 0
Google Pixel 0
Google Nexus 9
Google Nexus 6P
Google Nexus 6
Google Nexus 5X
Google Android One 0


Not Vulnerable:

Exploit


Exploitation of this issue was demonstrated at the Pwn2own contest, but the exploit is not publicly available.


Related Posts

Comments