VDB

GCVE-110-MAGEIA-2017-98

GCVE-110-MAGEIA-2017-98
Advisory Published
Vulnetix · Advisory published March 31, 2017
This kernel-tmb update is based on upstream 4.4.59 and fixes at least the following security issue: The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability (CVE-2017-7184). For other upstream fixes in this update, see the referenced changelogs.

Affected Products

VendorProductVersionsPlatforms
Mageiarust0 (affected), 1.21.0-1.mga6 (unaffected)
Mageiacargo0 (affected), 0.22.0-1.mga6 (unaffected)
Mageiakernel-tmb0 (affected), 0 (affected), 4.4.59-1.mga5 (unaffected), 4.4.59-1.mga5 (unaffected)

Browse GCVE Records

72,148 records in the GCVE database · Updated July 14, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›