CVE-2017-17852

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2017-17852
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-17852.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-17852
Downstream
Related
Published
2017-12-27T17:08:20.060Z
Modified
2026-02-12T00:51:50.895585Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of 32-bit ALU ops.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
Events
Fixed
468f6eafa6c44cb2c5d8aad35e12f06c240a812a
Introduced
bebc6082da0a9f5d47a1ea2edc099bf671058bd4
Fixed
468f6eafa6c44cb2c5d8aad35e12f06c240a812a

Affected versions

v4.*
v4.14
v4.15-rc1
v4.15-rc2
v4.15-rc3

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-17852.json"
vanir_signatures 
[
    {
        "id": "CVE-2017-17852-4717ef6a",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "166001491131630476910929253373309257175",
                "275949235593830193407423155050212686315",
                "300950934998224231348577068894012016569",
                "125794300483186248733667225805311506623",
                "199598800246121892230481081917967571881",
                "314720868546150892738346377874185569406",
                "183804556489346801519443720810985552563",
                "66060622373748611929995389487468032723",
                "25439358469016668132669497039831373129",
                "315946612120584429914946406574557642269",
                "328133841144927372287022642914707367252",
                "285530675835628663315257229569888789431",
                "12925032372841418183362763382660228163",
                "1392753192478141695634323936107587428",
                "83636297023012457220557284499874443037",
                "167454788257354564009068088371802205875",
                "254045256479972657073730343412977611709",
                "278209861557045436679781852880165368733",
                "83636297023012457220557284499874443037",
                "295229696383238416207630473514320331772",
                "49419417650519065408440289126427259291",
                "5853325211073076146435485586015903074"
            ]
        },
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@468f6eafa6c44cb2c5d8aad35e12f06c240a812a",
        "target": {
            "file": "kernel/bpf/verifier.c"
        },
        "deprecated": false
    },
    {
        "id": "CVE-2017-17852-b9e14882",
        "signature_type": "Function",
        "digest": {
            "function_hash": "29194121576839098552388205377397075486",
            "length": 4141.0
        },
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@468f6eafa6c44cb2c5d8aad35e12f06c240a812a",
        "target": {
            "function": "adjust_scalar_min_max_vals",
            "file": "kernel/bpf/verifier.c"
        },
        "deprecated": false
    }
]