CVE-2017-17856

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the lack of stack-pointer alignment enforcement.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
Events: Fixed

a5ec6ae161d72f01411169a938fa5f8baea16e8f

Introduced

bebc6082da0a9f5d47a1ea2edc099bf671058bd4

Fixed

a5ec6ae161d72f01411169a938fa5f8baea16e8f

Affected versions

v4.*

v4.14

v4.15-rc1

v4.15-rc2

v4.15-rc3

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-17856.json"

vanir_signatures

[
    {
        "deprecated": false,
        "digest": {
            "function_hash": "286965724805557831621405290921819353744",
            "length": 513.0
        },
        "signature_type": "Function",
        "target": {
            "file": "kernel/bpf/verifier.c",
            "function": "check_ptr_alignment"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@a5ec6ae161d72f01411169a938fa5f8baea16e8f",
        "id": "CVE-2017-17856-5498b2f4",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "314652524730166034491522010103725163635",
                "295403013705235209877165538424800076985",
                "71018713512518131315035227273564569398",
                "32190137506371945864681877987437428800"
            ]
        },
        "signature_type": "Line",
        "target": {
            "file": "kernel/bpf/verifier.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@a5ec6ae161d72f01411169a938fa5f8baea16e8f",
        "id": "CVE-2017-17856-b5fe0065",
        "signature_version": "v1"
    }
]