High severity7.8NVD Advisory· Published Nov 24, 2017· Updated May 13, 2026

CVE-2017-16939

Description

The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages.

Affected products

Linux/Kernel
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Range: >=2.6.28,<3.2.97
Debian/Debian Linux
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/nvdPatchTechnical Description
www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.11nvdPatchVendor Advisory
github.com/torvalds/linux/commit/1137b5e2529a8f5ca8ee709288ecba3e68044df2nvdPatchThird Party Advisory
blogs.securiteam.com/index.php/archives/3535nvdExploitPatchThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.htmlnvdMailing ListThird Party Advisory
seclists.org/fulldisclosure/2017/Nov/40nvdMailing ListThird Party Advisory
www.securityfocus.com/bid/101954nvdThird Party AdvisoryVDB Entry
access.redhat.com/errata/RHSA-2018:1318nvdThird Party Advisory
access.redhat.com/errata/RHSA-2018:1355nvdThird Party Advisory
access.redhat.com/errata/RHSA-2019:1170nvdThird Party Advisory
access.redhat.com/errata/RHSA-2019:1190nvdThird Party Advisory
bugzilla.suse.com/show_bug.cginvdIssue TrackingThird Party Advisory
lists.debian.org/debian-lts-announce/2017/12/msg00004.htmlnvdThird Party Advisory
www.debian.org/security/2018/dsa-4082nvdThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.008
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000