VDB

GCVE-110-MAGEIA-2017-97

GCVE-110-MAGEIA-2017-97
Advisory Published
Vulnetix · Advisory published March 31, 2017
This kernel update is based on upstream 4.4.59 and fixes at least the following security issue: The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability (CVE-2017-7184). For other upstream fixes in this update, see the referenced changelogs.

Affected Products

VendorProductVersionsPlatforms
Mageiakmod-virtualbox0 (affected), 5.1.18-3.mga5 (unaffected), 0 (affected), 5.1.18-3.mga5 (unaffected)
Mageiakmod-vboxadditions0 (affected), 5.1.18-3.mga5 (unaffected), 0 (affected), 5.1.18-3.mga5 (unaffected)
Mageiakernel-userspace-headers0 (affected), 4.4.59-1.mga5 (unaffected), 0 (affected), 4.4.59-1.mga5 (unaffected)
Mageiakmod-xtables-addons2.10-36.mga5 (unaffected), 0 (affected), 0 (affected), 2.10-36.mga5 (unaffected)
Mageiakernel4.4.59-1.mga5 (unaffected), 0 (affected), 4.4.59-1.mga5 (unaffected), 0 (affected)
Mageiaphp-memcache0 (affected), 3.0.8-10.mga6 (unaffected)

Browse GCVE Records

73,442 records in the GCVE database · Updated July 17, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›