Vulnetix
Try Vulnetix Request Demo
CVE-2017-18222 PUBLISHED

In the Linux kernel before 4.12, Hisilicon Network Subsystem (HNS) does not consider the ETH_SS_PRIV_FLAGS case when retrieving sset_count data, which allows local users to cause a denial of service (buffer overflow and memory corruption) or possibly have unspecified other impact, as demonstrated by incompatibility between hns_get_sset_count and ethtool_get_strings.

EPSS 0.16% · 36.4th percentile

Risk Scores

EPSS Score
0.16%
36.4th percentile

Affected Products

VendorProductVersions
Ubuntu:20.04:LTSlinux-azure-fde5.4.0-1074.77+cvm1.1, 0, 5.4.0-1063.66+cvm2.2
Ubuntu:20.04:LTSlinux-riscv5.4.0-39.44, 5.4.0-40.45, 5.4.0-24.28
Ubuntu:14.04:LTSlinux-aws4.4.0-1010.10, 4.4.0-1009.9, 4.4.0-1006.6
Ubuntu:Pro:FIPS:16.04:LTSlinux-fips4.4.0-1005.5, 4.4.0-1006.6, 4.4.0-1003.3
Ubuntu:16.04:LTSlinux-raspi24.4.0-1074.82, 4.4.0-1054.61, 4.4.0-1055.62
Ubuntu:24.04:LTSlinux-raspi-realtime6.8.0-2019.20, 0
Ubuntu:16.04:LTSlinux-hwe4.8.0-45.48~16.04.1, 4.8.0-46.49~16.04.1, 4.8.0-49.52~16.04.1
Ubuntu:14.04:LTSlinux-lts-xenial4.4.0-98.121~14.04.1, 0, 4.4.0-13.29~14.04.1
Ubuntu:22.04:LTSlinux-intel-iot-realtime0, 5.15.0-1073.75
Ubuntu:16.04:LTSlinux-snapdragon4.4.0-1071.76, 4.4.0-1072.77, 4.4.0-1073.78
Ubuntu:20.04:LTSlinux-raspi25.3.0-1014.16, 5.3.0-1007.8, 0
Ubuntu:20.04:LTSlinux-gke5.4.0-1094.101, 5.4.0-1091.98, 5.4.0-1090.97
Ubuntu:16.04:LTSlinux-aws4.4.0-1057.66, 4.4.0-1055.64, 4.4.0-1054.63
Ubuntu:22.04:LTSlinux-realtime0, 5.15.0-1032.35
Ubuntu:22.04:LTSlinux-riscv5.15.0-1016.18, 5.15.0-1017.19, 5.15.0-1018.21
Ubuntu:16.04:LTSlinux-kvm4.4.0-1020.25, 4.4.0-1017.22, 4.4.0-1015.20
Ubuntu:16.04:LTSlinux4.4.0-83.106, 4.4.0-87.110, 4.4.0-89.112

Timeline

References

Open in Interactive Console →