VDB

CVE-2017-7477

CVE-2017-7477 PUBLISHED

Heap-based buffer overflow in drivers/net/macsec.c in the MACsec module in the Linux kernel through 4.10.12 allows attackers to cause a denial of service or possibly have unspecified other impact by leveraging the use of a MAX_SKB_FRAGS+1 size in conjunction with the NETIF_F_FRAGLIST feature, leading to an error in the skb_to_sgvec function.

EPSS 0.05% · 15.9th percentile

Risk Scores

EPSS Score
0.05%
15.9th percentile

Affected Products

VendorProductVersions
Ubuntu:20.04:LTSlinux-azure-fde5.4.0-1063.66+cvm2.2, 5.4.0-1063.66+cvm3.2, 0
Ubuntu:20.04:LTSlinux-gke5.4.0-1053.56, 5.4.0-1039.41, 5.4.0-1052.55
Ubuntu:20.04:LTSlinux-riscv5.4.0-34.38, 5.4.0-39.44, 5.4.0-27.31
Ubuntu:18.04:LTSlinux-hwe*, 0, 4.18.0-14.15~18.04.1
Ubuntu:18.04:LTSlinux-azure5.0.0-1029.31~18.04.1, 5.0.0-1032.34, 5.0.0-1035.37
Ubuntu:18.04:LTSlinux-gcp4.15.0-1005.5, 4.15.0-1001.1, 4.15.0-1040.42
Ubuntu:16.04:LTSlinux-hwe4.8.0-49.52~16.04.1, 4.8.0-45.48~16.04.1, 4.8.0-52.55~16.04.1
Ubuntu:24.04:LTSlinux-raspi-realtime6.8.0-2019.20, 0
Ubuntu:20.04:LTSlinux-raspi25.3.0-1014.16, 5.4.0-1006.6, 5.4.0-1004.4
Ubuntu:22.04:LTSlinux-intel-iot-realtime5.15.0-1073.75, 0
Ubuntu:22.04:LTSlinux-realtime5.15.0-1032.35, 0
Ubuntu:22.04:LTSlinux-riscv5.15.0-1026.30, 5.15.0-1005.5, 5.15.0-1028.32

Timeline

  • Apr 25, 2017 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 22, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Oct 25, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Feb 27, 2022 EPSS Score
  • May 1, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score
  • Nov 5, 2022 EPSS Score
  • Jan 7, 2023 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›