VDB
GCVE-110-MAGEIA-2017-97
GCVE-110-MAGEIA-2017-97
Advisory Published
This kernel update is based on upstream 4.4.59 and fixes at least
the following security issue:
The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux
kernel through 4.10.6 does not validate certain size data after an
XFRM_MSG_NEWAE update, which allows local users to obtain root privileges
or cause a denial of service (heap-based out-of-bounds access) by
leveraging the CAP_NET_ADMIN capability (CVE-2017-7184).
For other upstream fixes in this update, see the referenced changelogs.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | kmod-virtualbox | 0 (affected), 5.1.18-3.mga5 (unaffected), 0 (affected), 5.1.18-3.mga5 (unaffected) | — |
| Mageia | kmod-vboxadditions | 0 (affected), 5.1.18-3.mga5 (unaffected), 0 (affected), 5.1.18-3.mga5 (unaffected) | — |
| Mageia | kernel-userspace-headers | 0 (affected), 4.4.59-1.mga5 (unaffected), 0 (affected), 4.4.59-1.mga5 (unaffected) | — |
| Mageia | kmod-xtables-addons | 2.10-36.mga5 (unaffected), 0 (affected), 0 (affected), 2.10-36.mga5 (unaffected) | — |
| Mageia | kernel | 4.4.59-1.mga5 (unaffected), 0 (affected), 4.4.59-1.mga5 (unaffected), 0 (affected) | — |
| Mageia | php-memcache | 0 (affected), 3.0.8-10.mga6 (unaffected) | — |
References
Browse GCVE Records
73,442 records in the GCVE database · Updated July 17, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.