The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact.

References

git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f991af3daabaecff34684fd51fac80319d1baad1

www.debian.org/security/2017/dsa-3927

www.debian.org/security/2017/dsa-3945

www.securityfocus.com/bid/99919

access.redhat.com/errata/RHSA-2017:2918

access.redhat.com/errata/RHSA-2017:2930

access.redhat.com/errata/RHSA-2017:2931

access.redhat.com/errata/RHSA-2018:0169

access.redhat.com/errata/RHSA-2018:3822

github.com/torvalds/linux/commit/f991af3daabaecff34684fd51fac80319d1baad1

help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0

www.exploit-db.com/exploits/45553/

cve 1

openvas 22

ibm 8

virtuozzo 3

zdt 1

fedora 3

f5 1

nessus 47

nvd 1

ubuntucve 1

prion 1

exploitpack 1

redhatcve 1

exploitdb 2

veracode 1

debiancve 1

githubexploit 1

oraclelinux 10

redhat 5

amazon 1

centos 2

photon 3

ubuntu 7

cloudfoundry 1

github 2

debian 5

osv 3

suse 5

cve

CVE-2017-11176

2017-07-11 23:29:00

openvas

Fedora Update for kernel FEDORA-2017-deb70b495e

2017-08-04 00:00:00

Fedora Update for kernel FEDORA-2017-98548b066b

2017-07-24 00:00:00

CentOS Update for kernel CESA-2018:0169 centos6

2018-02-01 00:00:00

ibm

Security Bulletin: Vulnerability in Linux Kernel affects IBM BladeCenter Advanced Management Module (AMM)

2023-04-14 14:32:25

Security Bulletin: Vulnerabilities in IPv6 and MQ affect the IBM FlashSystem model V840

2018-08-07 15:20:29

Security Bulletin: Vulnerabilities in IPv6 and MQ affect the IBM FlashSystem models 840 and 900

2023-02-18 01:45:50

virtuozzo

Kernel security update: CVE-2017-11176 and other; Virtuozzo ReadyKernel patch 26.1 for Virtuozzo 7.0.x

2017-07-19 00:00:00

Important kernel security update: CVE-2017-7542 and other; new kernel 2.6.32-042stab124.2 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

2017-09-04 00:00:00

Important kernel security update: CVE-2017-7542 and other; new kernel 2.6.32-042stab124.2, Virtuozzo 6.0 Update 12 Hotfix 14 (6.0.12-3683)

2017-09-04 00:00:00

zdt

Linux Kernel < 4.11.8 - mq_notify: double sock_put() Local Privilege Escalation Exp

2018-10-09 00:00:00

fedora

[SECURITY] Fedora 26 Update: kernel-4.11.11-300.fc26

2017-07-23 04:01:51

[SECURITY] Fedora 25 Update: kernel-4.11.11-200.fc25

2017-07-23 22:57:11

[SECURITY] Fedora 24 Update: kernel-4.11.12-100.fc24

2017-07-26 21:20:27

K56450659 : Linux kernel vulnerability CVE-2017-11176

2017-11-15 00:00:00

nessus

Photon OS 1.0: Linux PHSA-2017-0025

2019-02-07 00:00:00

Virtuozzo 7 : readykernel-patch (VZA-2017-065)

2017-07-20 00:00:00

Fedora 26 : kernel (2017-deb70b495e)

2017-07-24 00:00:00

nvd

CVE-2017-11176

2017-07-11 23:29:00

ubuntucve

CVE-2017-11176

2017-07-11 00:00:00

prion

Design/Logic Flaw

2017-07-11 23:29:00

exploitpack

Linux Kernel 4.11.8 - mq_notify: double sock_put() Local Privilege Escalation

2018-10-02 00:00:00

redhatcve

CVE-2017-11176

2019-10-31 16:26:34

exploitdb

A Red Teamer’s guide to pivoting

2017-03-23 00:00:00

Linux Kernel < 4.11.8 - 'mq_notify: double sock_put()' Local Privilege Escalation

2018-10-02 00:00:00

veracode

Denial Of Service (DoS)

2019-01-15 09:20:45

debiancve

CVE-2017-11176

2017-07-11 23:29:00

githubexploit

Exploit for Use After Free in Linux Linux Kernel

2021-12-23 17:45:35

oraclelinux

Unbreakable Enterprise kernel security update

2017-10-24 00:00:00

Unbreakable Enterprise kernel security update

2017-10-24 00:00:00

kernel security update

2018-01-04 00:00:00

redhat

(RHSA-2018:0169) Important: kernel security and bug fix update

2018-01-25 10:07:07

(RHSA-2018:3822) Important: kernel security and bug fix update

2018-12-12 14:23:50

(RHSA-2017:2930) Important: kernel security and bug fix update

2017-10-19 13:19:00

amazon

Critical: kernel

2017-08-10 16:31:00

centos

kernel, perf, python security update

2018-01-31 11:35:03

kernel, perf, python security update

2017-10-23 17:05:09

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2017-0025

2017-07-19 00:00:00

Critical Photon OS Security Update - PHSA-2017-0055

2017-07-25 00:00:00

Critical Photon OS Security Update - PHSA-2018-0031

2018-03-29 00:00:00

ubuntu

Linux kernel vulnerabilities

2017-08-28 00:00:00

Linux kernel (Xenial HWE) vulnerabilities

2017-08-28 00:00:00

Linux kernel vulnerabilities

2017-10-31 00:00:00

cloudfoundry

USN-3405-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry

2017-09-21 00:00:00

github

The Android kernel mitigations obstacle race

2022-06-16 16:00:52

Pwning the all Google phone with a non-Google bug

2023-01-23 15:05:19

debian

[SECURITY] [DSA 3927-1] linux security update

2017-08-07 05:18:53

[SECURITY] [DSA 3927-1] linux security update

2017-08-07 05:18:53

[SECURITY] [DSA 3945-1] linux security update

2017-08-17 18:40:05

osv

linux - security update

2017-08-07 00:00:00

linux - security update

2017-08-17 00:00:00

linux - security update

2017-09-19 00:00:00

suse

Security update for the Linux Kernel (important)

2017-09-08 18:09:08

Security update for the Linux Kernel (important)

2017-10-30 19:23:22

Security update for the Linux Kernel (important)

2017-11-02 18:12:40

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

7.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

34.0%

JSON

Related for CVELIST:CVE-2017-11176