VDB

GCVE-110-MAGEIA-2017-99

GCVE-110-MAGEIA-2017-99
Advisory Published
Vulnetix · Advisory published March 31, 2017
This kernel-linus update is based on upstream 4.4.59 and fixes at least the following security issue: The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability (CVE-2017-7184). For other upstream fixes in this update, see the referenced changelogs.

Affected Products

VendorProductVersionsPlatforms
Mageiamingw-nsis0 (affected), 3.01-1.mga6 (unaffected)
Mageiakernel-linus0 (affected), 0 (affected), 4.4.59-1.mga5 (unaffected), 4.4.59-1.mga5 (unaffected)

Browse GCVE Records

72,409 records in the GCVE database · Updated July 14, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›