CVE-2017-18017

CRITICAL

Linux Kernel < 3.2.99 - Use After Free

Title source: rule

Description

The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.

Scores

CVSS v3 9.8
EPSS 0.3776
EPSS Percentile 97.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE CWE-416
Status published

Affected Products (50)

linux/linux_kernel < 3.2.99
debian/debian_linux
debian/debian_linux
arista/eos
f5/arx < 6.4.0
suse/caas_platform
suse/linux_enterprise_debuginfo
suse/linux_enterprise_debuginfo
suse/linux_enterprise_module_for_public_cloud
suse/linux_enterprise_point_of_sale
suse/openstack_cloud
opensuse/leap
suse/linux_enterprise_desktop
suse/linux_enterprise_desktop
suse/linux_enterprise_high_availability
... and 35 more

Timeline

Published Jan 03, 2018
Tracked Since Feb 18, 2026