Bug 1414304 (CVE-2017-0386)
Summary: | CVE-2017-0386 libnl: Privilege escalation due to insufficient data checks in nla_reserve and nla_put | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Andrej Nemec <anemec> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED WONTFIX | QA Contact: | |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | unspecified | CC: | dcbw, dmoppert, jiri, rkhan, sardella, tgraf, thaller |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2017-01-19 01:11:46 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1414305 | ||
Bug Blocks: | 1414309 |
Description
Andrej Nemec
2017-01-18 09:32:58 UTC
Created libnl3 tracking bugs for this issue: Affects: fedora-all [bug 1414305] This CVE seems to be specific to Android's usage of (its fork of) libnl, allowing calls into libnl to cross process (and therefore privilege) boundaries. On Fedora and Enterprise Linux, libnl inherits the privilege domain of the process which opens it (through dynamic linking or dlopen()) .. like any other shared library. Thus, this does not represent a security vulnerability. The same conclusion has been reached on the upstream ticket: https://github.com/thom311/libnl/issues/124 |