BSA-2017-326
21420
13 October 2017
23 June 2017
Closed
High
7.0
N/A
CVE-2017-7308
Summary
Security Advisory ID : BSA-2017-326
Component : Linux Kernel
Revision : 2.0: Interim
It was found that the packet_set_ring() function of the Linux kernel's networking implementation did not properly validate certain block-size data. A local attacker with CAP_NET_RAW capability could use this flaw to trigger a buffer overflow, resulting in the crash of the system. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.
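Because the flaw is reachable only by a local process holding CAP_NET_RAW, one way to scope exposure on an unpatched Linux host is to list which processes hold that capability. The script below is an added example, not part of the advisory or any Brocade tooling; it decodes the CapEff mask in /proc/<pid>/status (CAP_NET_RAW is capability bit 13), and its function names and the SAMPLE records are constructed for illustration.

```python
import glob
import re

CAP_NET_RAW = 13  # bit position of CAP_NET_RAW in Linux capability masks

# Constructed /proc/<pid>/status excerpts (not taken from any real host).
SAMPLE = [
    "Name:\tsshd\nPid:\t812\nUid:\t0\t0\t0\t0\nCapEff:\t000001ffffffffff\n",
    "Name:\ttcpdump\nPid:\t2291\nUid:\t1000\t1000\t1000\t1000\nCapEff:\t0000000000002000\n",
    "Name:\tbash\nPid:\t2304\nUid:\t1000\t1000\t1000\t1000\nCapEff:\t0000000000000000\n",
]

def field(status_text, name):
    """Return the value of one 'Name: value' line from a status dump, or None."""
    m = re.search(rf"^{name}:[ \t]*(.+)$", status_text, re.MULTILINE)
    return m.group(1).strip() if m else None

def holds_cap_net_raw(status_text):
    """True if the effective capability mask (hex) has the CAP_NET_RAW bit set."""
    cap_eff = field(status_text, "CapEff")
    if cap_eff is None:
        return False
    return bool((int(cap_eff, 16) >> CAP_NET_RAW) & 1)

def audit(status_texts):
    """Return sorted (pid, name, effective_uid) for processes with CAP_NET_RAW."""
    hits = []
    for text in status_texts:
        if holds_cap_net_raw(text):
            euid = int(field(text, "Uid").split()[1])  # real, effective, saved, fs
            hits.append((int(field(text, "Pid")), field(text, "Name"), euid))
    return sorted(hits)

def read_live():
    """Read every /proc/<pid>/status on this host (empty list if not Linux)."""
    texts = []
    for path in glob.glob("/proc/[0-9]*/status"):
        try:
            with open(path) as fh:
                texts.append(fh.read())
        except OSError:  # process exited or access denied between glob and open
            continue
    return texts

if __name__ == "__main__":
    # Falls back to the constructed SAMPLE when no /proc entries are readable.
    for pid, name, euid in audit(read_live() or SAMPLE):
        print(f"pid={pid} name={name} euid={euid} holds CAP_NET_RAW")
```

Entries with a non-zero effective UID deserve the closest review, since they are unprivileged accounts that still meet the advisory's precondition.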
Affected Products
Product | Current Assessment |
---|---|
Brocade Services Director | Impacted: Fixed in 17.2. |
Brocade Virtual Traffic Manager | Impacted: Appliance fixed in 17.2 and later. |
Products Confirmed Not Vulnerable
Brocade 5400 vRouter, Brocade 5600 vRouter, Brocade Fabric OS, Brocade FastIron OS, Brocade NetIron OS, Brocade Network OS, Brocade ServerIron ADX, Brocade Services Director, Brocade SLX-OS, Brocade Virtual ADX, Brocade Virtual Traffic Manager, Brocade Virtual Web Application Firewall, and Brocade Workflow Composer are confirmed not affected by this vulnerability.
Workaround
There are no workarounds that address this vulnerability.
Revision History
Version | Change | Date |
---|---|---|
1.0 | Initial Publication | June 23, 2017 |
2.0 | Updating to address FOS, NOS, SLX, & WC | October 13, 2017 |