CVE Vulnerabilities

CVE-2017-12193

NULL Pointer Dereference

Published: Nov 22, 2017 | Modified: Feb 12, 2023
CVSS 3.x
5.5
MEDIUM
Source:
NVD
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVSS 2.x
4.9 MEDIUM
AV:L/AC:L/Au:N/C:N/I:N/A:C
RedHat/V2
RedHat/V3
4.7 MODERATE
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Ubuntu
MEDIUM

The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.13.11 mishandles node splitting, which allows local users to cause a denial of service (NULL pointer dereference and panic) via a crafted application, as demonstrated by the keyring key type, and key addition and link creation operations.

Weakness

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

Affected Software

Name Vendor Start Version End Version
Linux_kernel Linux * 4.13.11 (excluding)
Red Hat Enterprise Linux 7 RedHat kernel-rt-0:3.10.0-693.17.1.rt56.636.el7 *
Red Hat Enterprise Linux 7 RedHat kernel-0:3.10.0-693.17.1.el7 *
Red Hat Enterprise MRG 2 RedHat kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt *
Linux Ubuntu artful *
Linux Ubuntu trusty *
Linux Ubuntu upstream *
Linux Ubuntu xenial *
Linux Ubuntu zesty *
Linux-aws Ubuntu trusty *
Linux-aws Ubuntu upstream *
Linux-aws Ubuntu xenial *
Linux-aws-5.15 Ubuntu upstream *
Linux-aws-5.4 Ubuntu upstream *
Linux-aws-6.8 Ubuntu upstream *
Linux-aws-fips Ubuntu trusty *
Linux-aws-fips Ubuntu upstream *
Linux-aws-fips Ubuntu xenial *
Linux-aws-hwe Ubuntu upstream *
Linux-azure Ubuntu upstream *
Linux-azure Ubuntu xenial *
Linux-azure-4.15 Ubuntu upstream *
Linux-azure-5.15 Ubuntu upstream *
Linux-azure-5.4 Ubuntu upstream *
Linux-azure-6.8 Ubuntu upstream *
Linux-azure-fde Ubuntu focal *
Linux-azure-fde Ubuntu upstream *
Linux-azure-fde-5.15 Ubuntu upstream *
Linux-azure-fips Ubuntu trusty *
Linux-azure-fips Ubuntu upstream *
Linux-azure-fips Ubuntu xenial *
Linux-bluefield Ubuntu upstream *
Linux-euclid Ubuntu upstream *
Linux-euclid Ubuntu xenial *
Linux-fips Ubuntu fips/xenial *
Linux-fips Ubuntu upstream *
Linux-flo Ubuntu trusty *
Linux-flo Ubuntu upstream *
Linux-flo Ubuntu xenial *
Linux-gcp Ubuntu upstream *
Linux-gcp Ubuntu xenial *
Linux-gcp-4.15 Ubuntu upstream *
Linux-gcp-5.15 Ubuntu upstream *
Linux-gcp-5.4 Ubuntu upstream *
Linux-gcp-6.8 Ubuntu upstream *
Linux-gcp-fips Ubuntu trusty *
Linux-gcp-fips Ubuntu upstream *
Linux-gcp-fips Ubuntu xenial *
Linux-gke Ubuntu focal *
Linux-gke Ubuntu upstream *
Linux-gke Ubuntu xenial *
Linux-gkeop Ubuntu upstream *
Linux-gkeop-5.15 Ubuntu upstream *
Linux-goldfish Ubuntu trusty *
Linux-goldfish Ubuntu upstream *
Linux-grouper Ubuntu trusty *
Linux-grouper Ubuntu upstream *
Linux-hwe Ubuntu upstream *
Linux-hwe Ubuntu xenial *
Linux-hwe-5.15 Ubuntu upstream *
Linux-hwe-5.4 Ubuntu upstream *
Linux-hwe-6.8 Ubuntu upstream *
Linux-hwe-edge Ubuntu upstream *
Linux-hwe-edge Ubuntu xenial *
Linux-ibm Ubuntu upstream *
Linux-ibm-5.15 Ubuntu upstream *
Linux-ibm-5.4 Ubuntu upstream *
Linux-intel Ubuntu upstream *
Linux-intel-iot-realtime Ubuntu upstream *
Linux-intel-iotg Ubuntu upstream *
Linux-intel-iotg-5.15 Ubuntu upstream *
Linux-iot Ubuntu upstream *
Linux-kvm Ubuntu upstream *
Linux-kvm Ubuntu xenial *
Linux-lowlatency Ubuntu upstream *
Linux-lowlatency-hwe-5.15 Ubuntu upstream *
Linux-lowlatency-hwe-6.8 Ubuntu upstream *
Linux-lts-quantal Ubuntu precise/esm *
Linux-lts-quantal Ubuntu upstream *
Linux-lts-raring Ubuntu precise/esm *
Linux-lts-raring Ubuntu upstream *
Linux-lts-saucy Ubuntu precise/esm *
Linux-lts-saucy Ubuntu upstream *
Linux-lts-trusty Ubuntu upstream *
Linux-lts-utopic Ubuntu trusty *
Linux-lts-utopic Ubuntu upstream *
Linux-lts-vivid Ubuntu trusty *
Linux-lts-vivid Ubuntu trusty/esm *
Linux-lts-vivid Ubuntu upstream *
Linux-lts-wily Ubuntu trusty *
Linux-lts-wily Ubuntu upstream *
Linux-lts-xenial Ubuntu trusty *
Linux-lts-xenial Ubuntu upstream *
Linux-maguro Ubuntu trusty *
Linux-maguro Ubuntu upstream *
Linux-mako Ubuntu trusty *
Linux-mako Ubuntu upstream *
Linux-mako Ubuntu xenial *
Linux-manta Ubuntu trusty *
Linux-manta Ubuntu upstream *
Linux-nvidia Ubuntu upstream *
Linux-nvidia-6.5 Ubuntu upstream *
Linux-nvidia-6.8 Ubuntu upstream *
Linux-nvidia-lowlatency Ubuntu upstream *
Linux-oem Ubuntu upstream *
Linux-oem Ubuntu xenial *
Linux-oem-6.11 Ubuntu upstream *
Linux-oem-6.8 Ubuntu upstream *
Linux-oracle Ubuntu upstream *
Linux-oracle-5.15 Ubuntu upstream *
Linux-oracle-5.4 Ubuntu upstream *
Linux-oracle-6.8 Ubuntu upstream *
Linux-raspi Ubuntu upstream *
Linux-raspi-5.4 Ubuntu upstream *
Linux-raspi-realtime Ubuntu upstream *
Linux-raspi2 Ubuntu artful *
Linux-raspi2 Ubuntu focal *
Linux-raspi2 Ubuntu upstream *
Linux-raspi2 Ubuntu xenial *
Linux-raspi2 Ubuntu zesty *
Linux-realtime Ubuntu jammy *
Linux-realtime Ubuntu upstream *
Linux-riscv Ubuntu focal *
Linux-riscv Ubuntu jammy *
Linux-riscv Ubuntu upstream *
Linux-riscv-5.15 Ubuntu upstream *
Linux-riscv-6.8 Ubuntu upstream *
Linux-snapdragon Ubuntu artful *
Linux-snapdragon Ubuntu upstream *
Linux-snapdragon Ubuntu xenial *
Linux-snapdragon Ubuntu zesty *
Linux-xilinx-zynqmp Ubuntu upstream *

Potential Mitigations

References