High severity7.8NVD Advisory· Published Mar 31, 2017· Updated Jun 17, 2026
CVE-2017-7374
CVE-2017-7374
Description
Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service (NULL pointer dereference) or possibly gain privileges by revoking keyring keys being used for ext4, f2fs, or ubifs encryption, causing cryptographic transform objects to be freed prematurely.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
22- osv-coords21 versionspkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP2pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP2pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP2pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP2pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP2pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP2pkg:rpm/suse/kgraft-patch-SLE12-SP2_Update_7&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012
< 4.4.59-92.17.3+ 20 more
- (no CPE)range: < 4.4.59-92.17.3
- (no CPE)range: < 4.4.59-92.17.3
- (no CPE)range: < 4.4.59-92.17.3
- (no CPE)range: < 4.4.59-92.17.3
- (no CPE)range: < 4.4.59-92.17.3
- (no CPE)range: < 4.4.59-92.17.3
- (no CPE)range: < 4.4.59-92.17.8
- (no CPE)range: < 4.4.59-92.17.3
- (no CPE)range: < 4.4.74-7.10.1
- (no CPE)range: < 4.4.74-7.10.1
- (no CPE)range: < 4.4.59-92.17.2
- (no CPE)range: < 4.4.59-92.17.2
- (no CPE)range: < 4.4.59-92.17.2
- (no CPE)range: < 4.4.59-92.17.2
- (no CPE)range: < 4.4.74-7.10.1
- (no CPE)range: < 4.4.59-92.17.2
- (no CPE)range: < 4.4.59-92.17.2
- (no CPE)range: < 4.4.59-92.17.2
- (no CPE)range: < 4.4.59-92.17.2
- (no CPE)range: < 4.4.74-7.10.1
- (no CPE)range: < 1-2.3
Patches
Vulnerability mechanics
References
5- git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/nvdPatchThird Party Advisory
- github.com/torvalds/linux/commit/1b53cf9815bb4744958d41f3795d5d5a1d365e2dnvdPatchThird Party Advisory
- www.securityfocus.com/bid/97308nvdThird Party AdvisoryVDB Entry
- source.android.com/security/bulletin/2017-10-01nvdThird Party Advisory
- www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.7nvdRelease NotesVendor Advisory
News mentions
0No linked articles in our index yet.