CVE-2017-18270

Published: 18 May 2018

In the Linux kernel before 4.13.5, a local user could create keyrings for other users via keyctl commands, setting unwanted defaults or causing a denial of service.

From the Ubuntu Security Team

It was discovered that the keyring subsystem in the Linux kernel did not properly prevent a user from creating keyrings for other users. A local attacker could use this to cause a denial of service or expose sensitive information.

Priority

Medium

CVSS 3 Severity Score

7.1

Status

Package Release Status
linux-lts-trusty
upstream Released (4.14~rc3)
bionic Does not exist
artful Does not exist
cosmic Does not exist
trusty Does not exist
xenial Does not exist

linux-goldfish
upstream Released (4.14~rc3)
bionic Does not exist
artful Does not exist
cosmic Does not exist
trusty Does not exist (trusty was ignored [abandoned])
xenial Ignored (end of life, was needs-triage)

linux-grouper
upstream Released (4.14~rc3)
bionic Does not exist
artful Does not exist
cosmic Does not exist
trusty Does not exist (trusty was ignored [abandoned])
xenial Does not exist

linux-flo
upstream Released (4.14~rc3)
bionic Does not exist
artful Does not exist
cosmic Does not exist
trusty Does not exist (trusty was ignored [abandoned])
xenial Ignored (abandoned)

linux-lts-utopic
bionic Does not exist
artful Does not exist
cosmic Does not exist
trusty Does not exist (trusty was ignored [end of standard support])
upstream Released (4.14~rc3)
xenial Does not exist

linux-maguro
bionic Does not exist
artful Does not exist
cosmic Does not exist
trusty Does not exist (trusty was ignored [abandoned])
upstream Released (4.14~rc3)
xenial Does not exist

linux-aws
upstream Released (4.14~rc3)
bionic Not vulnerable (4.15.0-1001.1)
artful Does not exist
cosmic Not vulnerable (4.15.0-1007.7)
trusty Not vulnerable (4.4.0-1002.2)
xenial Released (4.4.0-1039.48)

linux-hwe
upstream Released (4.14~rc3)
bionic Not vulnerable
artful Does not exist
cosmic Does not exist
trusty Does not exist
xenial Released (4.13.0-26.29~16.04.2)

linux-hwe-edge
upstream Released (4.14~rc3)
bionic Not vulnerable (4.18.0-8.9~18.04.1)
artful Does not exist
cosmic Does not exist
trusty Does not exist
xenial Released (4.13.0-26.29~16.04.2)

linux-gke
upstream Released (4.14~rc3)
bionic Does not exist
artful Does not exist
cosmic Does not exist
trusty Does not exist
xenial Ignored (end of standard support, was needs-triage)

linux-azure
upstream Released (4.14~rc3)
bionic Not vulnerable (4.15.0-1002.2)
artful Does not exist
cosmic Not vulnerable (4.15.0-1009.9)
trusty Not vulnerable (4.15.0-1023.24~14.04.1)
xenial Released (4.13.0-1005.7)

linux-gcp
upstream Released (4.14~rc3)
bionic Not vulnerable (4.15.0-1001.1)
artful Does not exist
cosmic Not vulnerable (4.15.0-1006.6)
trusty Does not exist
xenial Released (4.13.0-1002.5)

linux-kvm
upstream Released (4.14~rc3)
bionic Not vulnerable (4.15.0-1002.2)
artful Does not exist
cosmic Not vulnerable (4.15.0-1008.8)
trusty Does not exist
xenial Released (4.4.0-1009.14)

linux-euclid
upstream Released (4.14~rc3)
bionic Does not exist
artful Does not exist
cosmic Does not exist
trusty Does not exist
xenial Ignored (was needed ESM criteria)

linux-azure-edge
upstream Released (4.14~rc3)
bionic Not vulnerable (4.18.0-1003.3~18.04.1)
cosmic Does not exist
trusty Does not exist
xenial Not vulnerable (4.15.0-1002.2)

linux
artful Released (4.13.0-17.20)
bionic Not vulnerable (4.13.0-17.20)
cosmic Not vulnerable (4.15.0-20.21)
trusty Released (3.13.0-157.207)
upstream Released (4.14~rc3)
xenial Released (4.4.0-98.121)
Patches:
Introduced by 69664cf16af4f31cd54d77948a4baf9c7e0ca7b9
Fixed by 237bbd29f7a049d310d907f4b2716a7feef9abf3

linux-lts-vivid
artful Does not exist
bionic Does not exist
cosmic Does not exist
trusty Does not exist (trusty was ignored [end of standard support])
upstream Released (4.14~rc3)
xenial Does not exist

linux-lts-wily
artful Does not exist
bionic Does not exist
cosmic Does not exist
trusty Does not exist (trusty was ignored [end of standard support])
upstream Released (4.14~rc3)
xenial Does not exist

linux-lts-xenial
artful Does not exist
bionic Does not exist
cosmic Does not exist
trusty Released (4.4.0-98.121~14.04.1)
upstream Released (4.14~rc3)
xenial Does not exist

linux-mako
artful Does not exist
bionic Does not exist
cosmic Does not exist
trusty Does not exist (trusty was ignored [abandoned])
upstream Released (4.14~rc3)
xenial Ignored (abandoned)

linux-manta
artful Does not exist
bionic Does not exist
cosmic Does not exist
trusty Does not exist (trusty was ignored [abandoned])
upstream Released (4.14~rc3)
xenial Does not exist

linux-oem
artful Does not exist
bionic Not vulnerable (4.15.0-1002.3)
cosmic Not vulnerable (4.15.0-1004.5)
trusty Does not exist
upstream Released (4.14~rc3)
xenial Not vulnerable (4.13.0-1008.9)

linux-raspi2
artful Released (4.13.0-1006.6)
bionic Not vulnerable (4.13.0-1006.6)
cosmic Not vulnerable (4.15.0-1010.11)
trusty Does not exist
upstream Released (4.14~rc3)
xenial Released (4.4.0-1076.84)

linux-snapdragon
artful Released (4.4.0-1078.83)
bionic Not vulnerable
cosmic Does not exist
trusty Does not exist
upstream Released (4.14~rc3)
xenial Released (4.4.0-1078.83)

Severity score breakdown

Parameter Value
Base score 7.1
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Scope Unchanged
Confidentiality None
Integrity impact High
Availability impact High
Vector CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H