1637504 – (CVE-2018-17977) CVE-2018-17977 kernel: Mishandled interactions among XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP packets resulting in a denial of service

Bug 1637504 (CVE-2018-17977) - CVE-2018-17977 kernel: Mishandled interactions among XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP packets resulting in a denial of service

Summary: CVE-2018-17977 kernel: Mishandled interactions among XFRM Netlink messages, I...

Keywords:
Status:	CLOSED WONTFIX
Alias:	CVE-2018-17977
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1637505
Blocks:	1637555
TreeView+	depends on / blocked

Reported:	2018-10-09 11:26 UTC by Andrej Nemec
Modified:	2024-10-24 15:37 UTC (History)
CC List:	73 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2020-05-20 21:18:34 UTC
Embargoed:

Attachments	(Terms of Use)

Description Andrej Nemec 2018-10-09 11:26:50 UTC

It was found that the Linux kernel mishandles certain interaction among XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP packets, which allows local users to cause a denial of service (memory consumption and system hang).

References:

https://seclists.org/oss-sec/2018/q4/15

Comment 1 Andrej Nemec 2018-10-09 11:28:27 UTC

Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 1637505]

Comment 6 Salvatore Bonaccorso 2019-05-27 20:27:55 UTC

Hi

Before the files disapeared, was someone able to gather them?

Was this issue ever adressed upstream? Do you have more information on the fix for tracking the status?

Thanks already in advance if you can share more on it. I'm trying to determine the status for Debian in https://security-tracker.debian.org/tracker/CVE-2018-17977 for it.

Regards,
Salvatore

Comment 7 Wade Mealing 2019-05-28 06:30:22 UTC

Salvatore , Emailed you a response.

Comment 8 Wade Mealing 2019-06-25 01:15:18 UTC

Statement:

At this time this flaws reproduction environment is considered too extraordinary and will rarely be a feasable attack vector for most attackers.  The IPSEC connection between connected hosts is a somewhat privileged operation with a shared secret between systems,   Red Hat will unlikely fix this issue due to its significant setup complexity and unlikely configuration.

Comment 9 Product Security DevOps Team 2020-05-20 21:18:34 UTC

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2018-17977

Note You need to log in before you can comment on or make changes to this bug.

abhgupta
acaringi
airlied
allarkin
aquini
bhu
blc
brdeoliv
bskeggs
carnil
cye
dbaker
dbohanno
dhoward
dvlasenk
esandeen
ewk
fhrbata
hdegoede
hkrzesin
hwkernel-mgr
iboverma
ichavero
itamar
jarod
jarodwilson
jfaracco
jforbes
jglisse
jkacur
joe.lawrence
john.j5live
jokerman
jonathan
josef
jross
jshortt
jstancek
jwboyer
kernel-maint
kernel-mgr
labbott
lgoncalv
linville
lzampier
matt
mchehab
mcressma
mjg59
mlangsdo
mleitner
mmilgram
nmurray
plougher
ptalbert
rparrazo
rrobaina
rt-maint
rvrbovsk
rysulliv
scweaver
security-response-team
slawomir
steved
sthangav
sukulkar
trankin
williams
wmealing
ycote
ykopkova
yozone
zhijwang