VDB
GCVE-110-MAGEIA-2017-99
GCVE-110-MAGEIA-2017-99
Advisory Published
This kernel-linus update is based on upstream 4.4.59 and fixes at least
the following security issue:
The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux
kernel through 4.10.6 does not validate certain size data after an
XFRM_MSG_NEWAE update, which allows local users to obtain root privileges
or cause a denial of service (heap-based out-of-bounds access) by
leveraging the CAP_NET_ADMIN capability (CVE-2017-7184).
For other upstream fixes in this update, see the referenced changelogs.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | mingw-nsis | 0 (affected), 3.01-1.mga6 (unaffected) | — |
| Mageia | kernel-linus | 0 (affected), 0 (affected), 4.4.59-1.mga5 (unaffected), 4.4.59-1.mga5 (unaffected) | — |
References
Browse GCVE Records
72,409 records in the GCVE database · Updated July 14, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.