Launchpad.net

CVE 2017-18017

The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.

Related bugs and status

CVE-2017-18017 (Candidate) is related to these bugs:

Bug #1739765: xt_TCPMSS buffer overflow bug

Summary				In	Importance	Status
	1739765	xt_TCPMSS buffer overflow bug		linux (Ubuntu)	Undecided	Fix Released

Bug #1742772: powerpc: flush L1D on return to use

		In	Importance	Status
1742772	powerpc: flush L1D on return to use	linux (Ubuntu)	Undecided	Fix Released
1742772	powerpc: flush L1D on return to use	linux (Ubuntu Artful)	Undecided	Fix Released
1742772	powerpc: flush L1D on return to use	linux (Ubuntu Xenial)	Undecided	Fix Released
1742772	powerpc: flush L1D on return to use	linux (Ubuntu Trusty)	Medium	Fix Released

Bug #1745338: upload urgency should be medium by default

		In	Importance	Status
1745338	upload urgency should be medium by default	linux (Ubuntu)	Medium	Fix Released
1745338	upload urgency should be medium by default	linux (Ubuntu Artful)	Medium	Fix Released
1745338	upload urgency should be medium by default	linux (Ubuntu Trusty)	Medium	Fix Released
1745338	upload urgency should be medium by default	linux (Ubuntu Precise)	Medium	Fix Released
1745338	upload urgency should be medium by default	linux (Ubuntu Xenial)	Medium	Fix Released

Bug #1746900: linux: 3.13.0-142.191 -proposed tracker

		In	Importance	Status
1746900	linux: 3.13.0-142.191 -proposed tracker	linux (Ubuntu)	Undecided	Invalid
1746900	linux: 3.13.0-142.191 -proposed tracker	linux (Ubuntu Trusty)	Medium	Fix Released
1746900	linux: 3.13.0-142.191 -proposed tracker	Kernel SRU Workflow	Medium	Fix Released
1746900	linux: 3.13.0-142.191 -proposed tracker	Kernel SRU Workflow automated-testing	Medium	Fix Released
1746900	linux: 3.13.0-142.191 -proposed tracker	Kernel SRU Workflow certification-testing	Medium	Invalid
1746900	linux: 3.13.0-142.191 -proposed tracker	Kernel SRU Workflow prepare-package	Medium	Fix Released
1746900	linux: 3.13.0-142.191 -proposed tracker	Kernel SRU Workflow prepare-package-meta	Medium	Fix Released
1746900	linux: 3.13.0-142.191 -proposed tracker	Kernel SRU Workflow prepare-package-signed	Medium	Fix Released
1746900	linux: 3.13.0-142.191 -proposed tracker	Kernel SRU Workflow promote-to-proposed	Medium	Fix Released
1746900	linux: 3.13.0-142.191 -proposed tracker	Kernel SRU Workflow promote-to-security	Medium	Fix Released
1746900	linux: 3.13.0-142.191 -proposed tracker	Kernel SRU Workflow promote-to-updates	Medium	Fix Released
1746900	linux: 3.13.0-142.191 -proposed tracker	Kernel SRU Workflow regression-testing	Medium	Fix Released
1746900	linux: 3.13.0-142.191 -proposed tracker	Kernel SRU Workflow security-signoff	Medium	Fix Released
1746900	linux: 3.13.0-142.191 -proposed tracker	Kernel SRU Workflow upload-to-ppa	Medium	Invalid
1746900	linux: 3.13.0-142.191 -proposed tracker	Kernel SRU Workflow verification-testing	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2017-18017

Related bugs and status

Related bugs

References