Upstream information

CVE-2017-5970 at MITRE

Description

The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.

SUSE information

CVSS v2 Scores
  National Vulnerability Database SUSE
Base Score 4.96 7.12
Vector AV:N/AC:L/Au:N/C:N/I:N/A:P AV:N/AC:M/Au:N/C:N/I:N/A:C
Access Vector Network Network
Access Complexity Low Medium
Authentication None None
Confidentiality Impact None None
Integrity Impact None None
Availability Impact Partial Complete
CVSS v3 Scores
  National Vulnerability Database
Base Score 7.5
Vector AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Vector Network
Access Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality Impact None
Integrity Impact None
Availability Impact High

Note from the SUSE Security Team

This issue was introduced in Linux Kernel 3.3, older versions are not affected.

SUSE Bugzilla entries: 1024938 [RESOLVED / ], 1025013 [RESOLVED / ]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
Openstack Cloud Magnum Orchestration 7
  • kernel-default >= 4.4.49-92.11.1
Patchnames:
SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-300
SUSE Linux Enterprise Build System Kit 12 SP1
  • kernel-zfcpdump >= 3.12.69-60.64.32.1
Patchnames:
SUSE-SLE-BSK-12-SP1-2017-267
SUSE Linux Enterprise Build System Kit 12 SP2
  • kernel-zfcpdump >= 4.4.49-92.11.1
Patchnames:
SUSE-SLE-BSK-12-SP2-2017-300
SUSE Linux Enterprise Desktop 12 SP1
  • kernel-default >= 3.12.69-60.64.32.1
  • kernel-default-devel >= 3.12.69-60.64.32.1
  • kernel-default-extra >= 3.12.69-60.64.32.1
  • kernel-devel >= 3.12.69-60.64.32.1
  • kernel-macros >= 3.12.69-60.64.32.1
  • kernel-source >= 3.12.69-60.64.32.1
  • kernel-syms >= 3.12.69-60.64.32.1
  • kernel-xen >= 3.12.69-60.64.32.1
  • kernel-xen-devel >= 3.12.69-60.64.32.1
Patchnames:
SUSE-SLE-DESKTOP-12-SP1-2017-267
SUSE Linux Enterprise Desktop 12 SP2
  • kernel-default >= 4.4.49-92.11.1
  • kernel-default-devel >= 4.4.49-92.11.1
  • kernel-default-extra >= 4.4.49-92.11.1
  • kernel-devel >= 4.4.49-92.11.1
  • kernel-macros >= 4.4.49-92.11.1
  • kernel-source >= 4.4.49-92.11.1
  • kernel-syms >= 4.4.49-92.11.1
Patchnames:
SUSE-SLE-DESKTOP-12-SP2-2017-300
SUSE Linux Enterprise High Availability 12 SP2
  • cluster-md-kmp-default >= 4.4.49-92.11.1
  • cluster-network-kmp-default >= 4.4.49-92.11.1
  • dlm-kmp-default >= 4.4.49-92.11.1
  • gfs2-kmp-default >= 4.4.49-92.11.1
  • kernel-default >= 4.4.49-92.11.1
  • ocfs2-kmp-default >= 4.4.49-92.11.1
Patchnames:
SUSE-SLE-HA-12-SP2-2017-300
SUSE Linux Enterprise Live Patching 12
  • kgraft-patch-3_12_57-60_35-default >= 8-2.1
  • kgraft-patch-3_12_57-60_35-xen >= 8-2.1
  • kgraft-patch-3_12_59-60_41-default >= 8-2.1
  • kgraft-patch-3_12_59-60_41-xen >= 8-2.1
  • kgraft-patch-3_12_59-60_45-default >= 8-2.1
  • kgraft-patch-3_12_59-60_45-xen >= 8-2.1
  • kgraft-patch-3_12_62-60_62-default >= 7-2.1
  • kgraft-patch-3_12_62-60_62-xen >= 7-2.1
  • kgraft-patch-3_12_62-60_64_8-default >= 6-2.1
  • kgraft-patch-3_12_62-60_64_8-xen >= 6-2.1
  • kgraft-patch-3_12_67-60_64_18-default >= 5-2.1
  • kgraft-patch-3_12_67-60_64_18-xen >= 5-2.1
  • kgraft-patch-3_12_67-60_64_21-default >= 4-2.1
  • kgraft-patch-3_12_67-60_64_21-xen >= 4-2.1
  • kgraft-patch-3_12_67-60_64_24-default >= 3-2.1
  • kgraft-patch-3_12_67-60_64_24-xen >= 3-2.1
  • kgraft-patch-3_12_69-60_64_29-default >= 2-2.1
  • kgraft-patch-3_12_69-60_64_29-xen >= 2-2.1
  • kgraft-patch-3_12_69-60_64_32-default >= 1-2.1
  • kgraft-patch-3_12_69-60_64_32-xen >= 1-2.1
  • kgraft-patch-4_4_21-69-default >= 4-11.1
  • kgraft-patch-4_4_21-81-default >= 4-2.1
  • kgraft-patch-4_4_21-84-default >= 3-2.1
  • kgraft-patch-4_4_21-90-default >= 3-2.1
  • kgraft-patch-4_4_38-93-default >= 3-2.1
  • kgraft-patch-4_4_49-92_11-default >= 1-6.1
  • kgraft-patch-SLE12-SP1_Update_10 >= 4-2.1
  • kgraft-patch-SLE12-SP1_Update_11 >= 3-2.1
  • kgraft-patch-SLE12-SP1_Update_12 >= 2-2.1
  • kgraft-patch-SLE12-SP1_Update_13 >= 1-2.1
  • kgraft-patch-SLE12-SP1_Update_4 >= 8-2.1
  • kgraft-patch-SLE12-SP1_Update_5 >= 8-2.1
  • kgraft-patch-SLE12-SP1_Update_6 >= 8-2.1
  • kgraft-patch-SLE12-SP1_Update_7 >= 7-2.1
  • kgraft-patch-SLE12-SP1_Update_8 >= 6-2.1
  • kgraft-patch-SLE12-SP1_Update_9 >= 5-2.1
  • kgraft-patch-SLE12-SP2_Update_0 >= 4-11.1
  • kgraft-patch-SLE12-SP2_Update_1 >= 4-2.1
  • kgraft-patch-SLE12-SP2_Update_2 >= 3-2.1
  • kgraft-patch-SLE12-SP2_Update_3 >= 3-2.1
  • kgraft-patch-SLE12-SP2_Update_4 >= 3-2.1
  • kgraft-patch-SLE12-SP2_Update_5 >= 1-6.1
Patchnames:
SUSE-SLE-Live-Patching-12-2017-267
SUSE-SLE-Live-Patching-12-2017-300
SUSE-SLE-Live-Patching-12-2017-425
SUSE-SLE-Live-Patching-12-2017-426
SUSE-SLE-Live-Patching-12-2017-427
SUSE-SLE-Live-Patching-12-2017-428
SUSE-SLE-Live-Patching-12-2017-429
SUSE-SLE-Live-Patching-12-2017-430
SUSE-SLE-Live-Patching-12-2017-431
SUSE-SLE-Live-Patching-12-2017-432
SUSE-SLE-Live-Patching-12-2017-433
SUSE-SLE-Live-Patching-12-2017-434
SUSE-SLE-Live-Patching-12-2017-435
SUSE-SLE-Live-Patching-12-2017-436
SUSE-SLE-Live-Patching-12-2017-438
SUSE-SLE-Live-Patching-12-2017-443
SUSE Linux Enterprise Module for Public Cloud 12
  • kernel-ec2 >= 3.12.61-52.72.1
  • kernel-ec2-devel >= 3.12.61-52.72.1
  • kernel-ec2-extra >= 3.12.61-52.72.1
Patchnames:
SUSE-SLE-Module-Public-Cloud-12-2017-267
SUSE-SLE-Module-Public-Cloud-12-2017-749
SUSE Linux Enterprise Server 11 SP4
  • kernel-bigmem >= 3.0.101-100.1
  • kernel-bigmem-base >= 3.0.101-100.1
  • kernel-bigmem-devel >= 3.0.101-100.1
  • kernel-default >= 3.0.101-100.1
  • kernel-default-base >= 3.0.101-100.1
  • kernel-default-devel >= 3.0.101-100.1
  • kernel-default-man >= 3.0.101-100.1
  • kernel-ec2 >= 3.0.101-100.1
  • kernel-ec2-base >= 3.0.101-100.1
  • kernel-ec2-devel >= 3.0.101-100.1
  • kernel-pae >= 3.0.101-100.1
  • kernel-pae-base >= 3.0.101-100.1
  • kernel-pae-devel >= 3.0.101-100.1
  • kernel-ppc64 >= 3.0.101-100.1
  • kernel-ppc64-base >= 3.0.101-100.1
  • kernel-ppc64-devel >= 3.0.101-100.1
  • kernel-source >= 3.0.101-100.1
  • kernel-syms >= 3.0.101-100.1
  • kernel-trace >= 3.0.101-100.1
  • kernel-trace-base >= 3.0.101-100.1
  • kernel-trace-devel >= 3.0.101-100.1
  • kernel-xen >= 3.0.101-100.1
  • kernel-xen-base >= 3.0.101-100.1
  • kernel-xen-devel >= 3.0.101-100.1
Patchnames:
slessp4-linux-kernel-13105
SUSE Linux Enterprise Server 12 SP1
  • kernel-default >= 3.12.69-60.64.32.1
  • kernel-default-base >= 3.12.69-60.64.32.1
  • kernel-default-devel >= 3.12.69-60.64.32.1
  • kernel-default-man >= 3.12.69-60.64.32.1
  • kernel-devel >= 3.12.69-60.64.32.1
  • kernel-macros >= 3.12.69-60.64.32.1
  • kernel-source >= 3.12.69-60.64.32.1
  • kernel-syms >= 3.12.69-60.64.32.1
  • kernel-xen >= 3.12.69-60.64.32.1
  • kernel-xen-base >= 3.12.69-60.64.32.1
  • kernel-xen-devel >= 3.12.69-60.64.32.1
Patchnames:
SUSE-SLE-SERVER-12-SP1-2017-267
SUSE Linux Enterprise Server 12 SP2
  • kernel-default >= 4.4.49-92.11.1
  • kernel-default-base >= 4.4.49-92.11.1
  • kernel-default-devel >= 4.4.49-92.11.1
  • kernel-default-man >= 4.4.49-92.11.1
  • kernel-devel >= 4.4.49-92.11.1
  • kernel-macros >= 4.4.49-92.11.1
  • kernel-source >= 4.4.49-92.11.1
  • kernel-syms >= 4.4.49-92.11.1
Patchnames:
SUSE-SLE-SERVER-12-SP2-2017-300
SUSE Linux Enterprise Server 12-LTSS
  • kernel-default >= 3.12.61-52.72.1
  • kernel-default-base >= 3.12.61-52.72.1
  • kernel-default-devel >= 3.12.61-52.72.1
  • kernel-default-man >= 3.12.61-52.72.1
  • kernel-devel >= 3.12.61-52.72.1
  • kernel-macros >= 3.12.61-52.72.1
  • kernel-source >= 3.12.61-52.72.1
  • kernel-syms >= 3.12.61-52.72.1
  • kernel-xen >= 3.12.61-52.72.1
  • kernel-xen-base >= 3.12.61-52.72.1
  • kernel-xen-devel >= 3.12.61-52.72.1
  • kgraft-patch-3_12_55-52_42-default >= 7-2.1
  • kgraft-patch-3_12_55-52_42-xen >= 7-2.1
  • kgraft-patch-3_12_55-52_45-default >= 7-2.1
  • kgraft-patch-3_12_55-52_45-xen >= 7-2.1
  • kgraft-patch-3_12_60-52_49-default >= 7-2.1
  • kgraft-patch-3_12_60-52_49-xen >= 7-2.1
  • kgraft-patch-3_12_60-52_54-default >= 7-2.1
  • kgraft-patch-3_12_60-52_54-xen >= 7-2.1
  • kgraft-patch-3_12_60-52_57-default >= 4-2.1
  • kgraft-patch-3_12_60-52_57-xen >= 4-2.1
  • kgraft-patch-3_12_60-52_60-default >= 3-2.1
  • kgraft-patch-3_12_60-52_60-xen >= 3-2.1
  • kgraft-patch-3_12_60-52_63-default >= 3-2.1
  • kgraft-patch-3_12_60-52_63-xen >= 3-2.1
  • kgraft-patch-3_12_61-52_66-default >= 2-2.1
  • kgraft-patch-3_12_61-52_66-xen >= 2-2.1
  • kgraft-patch-3_12_61-52_69-default >= 2-4.1
  • kgraft-patch-3_12_61-52_69-xen >= 2-4.1
  • kgraft-patch-3_12_61-52_72-default >= 1-2.1
  • kgraft-patch-3_12_61-52_72-xen >= 1-2.1
  • kgraft-patch-SLE12_Update_12 >= 7-2.1
  • kgraft-patch-SLE12_Update_13 >= 7-2.1
  • kgraft-patch-SLE12_Update_14 >= 7-2.1
  • kgraft-patch-SLE12_Update_15 >= 7-2.1
  • kgraft-patch-SLE12_Update_16 >= 4-2.1
  • kgraft-patch-SLE12_Update_17 >= 3-2.1
  • kgraft-patch-SLE12_Update_18 >= 3-2.1
  • kgraft-patch-SLE12_Update_19 >= 2-2.1
  • kgraft-patch-SLE12_Update_20 >= 2-4.1
  • kgraft-patch-SLE12_Update_21 >= 1-2.1
Patchnames:
SUSE-SLE-SERVER-12-2017-418
SUSE-SLE-SERVER-12-2017-419
SUSE-SLE-SERVER-12-2017-420
SUSE-SLE-SERVER-12-2017-421
SUSE-SLE-SERVER-12-2017-422
SUSE-SLE-SERVER-12-2017-423
SUSE-SLE-SERVER-12-2017-424
SUSE-SLE-SERVER-12-2017-437
SUSE-SLE-SERVER-12-2017-749
SUSE-SLE-SERVER-12-2017-763
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
  • kernel-default >= 4.4.49-92.11.1
  • kernel-default-base >= 4.4.49-92.11.1
  • kernel-default-devel >= 4.4.49-92.11.1
  • kernel-devel >= 4.4.49-92.11.1
  • kernel-macros >= 4.4.49-92.11.1
  • kernel-source >= 4.4.49-92.11.1
  • kernel-syms >= 4.4.49-92.11.1
Patchnames:
SUSE-SLE-RPI-12-SP2-2017-300
SUSE Linux Enterprise Software Development Kit 11 SP4
  • kernel-docs >= 3.0.101-100.2
Patchnames:
sdksp4-linux-kernel-13105
SUSE Linux Enterprise Software Development Kit 12 SP1
  • kernel-docs >= 3.12.69-60.64.32.3
  • kernel-obs-build >= 3.12.69-60.64.32.1
Patchnames:
SUSE-SLE-SDK-12-SP1-2017-267
SUSE Linux Enterprise Software Development Kit 12 SP2
  • kernel-docs >= 4.4.49-92.11.3
  • kernel-obs-build >= 4.4.49-92.11.1
Patchnames:
SUSE-SLE-SDK-12-SP2-2017-300
SUSE Linux Enterprise Workstation Extension 12 SP1
  • kernel-default >= 3.12.69-60.64.32.1
  • kernel-default-extra >= 3.12.69-60.64.32.1
Patchnames:
SUSE-SLE-WE-12-SP1-2017-267
SUSE Linux Enterprise Workstation Extension 12 SP2
  • kernel-default >= 4.4.49-92.11.1
  • kernel-default-extra >= 4.4.49-92.11.1
Patchnames:
SUSE-SLE-WE-12-SP2-2017-300
SUSE Linux Enterprise for SAP 12
  • kernel-default >= 3.12.61-52.72.1
  • kernel-default-base >= 3.12.61-52.72.1
  • kernel-default-devel >= 3.12.61-52.72.1
  • kernel-devel >= 3.12.61-52.72.1
  • kernel-macros >= 3.12.61-52.72.1
  • kernel-source >= 3.12.61-52.72.1
  • kernel-syms >= 3.12.61-52.72.1
  • kernel-xen >= 3.12.61-52.72.1
  • kernel-xen-base >= 3.12.61-52.72.1
  • kernel-xen-devel >= 3.12.61-52.72.1
  • kgraft-patch-3_12_55-52_42-default >= 7-2.1
  • kgraft-patch-3_12_55-52_42-xen >= 7-2.1
  • kgraft-patch-3_12_55-52_45-default >= 7-2.1
  • kgraft-patch-3_12_55-52_45-xen >= 7-2.1
  • kgraft-patch-3_12_60-52_49-default >= 7-2.1
  • kgraft-patch-3_12_60-52_49-xen >= 7-2.1
  • kgraft-patch-3_12_60-52_54-default >= 7-2.1
  • kgraft-patch-3_12_60-52_54-xen >= 7-2.1
  • kgraft-patch-3_12_60-52_57-default >= 4-2.1
  • kgraft-patch-3_12_60-52_57-xen >= 4-2.1
  • kgraft-patch-3_12_60-52_60-default >= 3-2.1
  • kgraft-patch-3_12_60-52_60-xen >= 3-2.1
  • kgraft-patch-3_12_60-52_63-default >= 3-2.1
  • kgraft-patch-3_12_60-52_63-xen >= 3-2.1
  • kgraft-patch-3_12_61-52_66-default >= 2-2.1
  • kgraft-patch-3_12_61-52_66-xen >= 2-2.1
  • kgraft-patch-3_12_61-52_69-default >= 2-4.1
  • kgraft-patch-3_12_61-52_69-xen >= 2-4.1
  • kgraft-patch-3_12_61-52_72-default >= 1-2.1
  • kgraft-patch-3_12_61-52_72-xen >= 1-2.1
  • kgraft-patch-SLE12_Update_12 >= 7-2.1
  • kgraft-patch-SLE12_Update_13 >= 7-2.1
  • kgraft-patch-SLE12_Update_14 >= 7-2.1
  • kgraft-patch-SLE12_Update_15 >= 7-2.1
  • kgraft-patch-SLE12_Update_16 >= 4-2.1
  • kgraft-patch-SLE12_Update_17 >= 3-2.1
  • kgraft-patch-SLE12_Update_18 >= 3-2.1
  • kgraft-patch-SLE12_Update_19 >= 2-2.1
  • kgraft-patch-SLE12_Update_20 >= 2-4.1
  • kgraft-patch-SLE12_Update_21 >= 1-2.1
Patchnames:
SUSE-SLE-SAP-12-2017-418
SUSE-SLE-SAP-12-2017-419
SUSE-SLE-SAP-12-2017-420
SUSE-SLE-SAP-12-2017-421
SUSE-SLE-SAP-12-2017-422
SUSE-SLE-SAP-12-2017-423
SUSE-SLE-SAP-12-2017-424
SUSE-SLE-SAP-12-2017-437
SUSE-SLE-SAP-12-2017-749
SUSE-SLE-SAP-12-2017-763
openSUSE Leap 42.1
  • kernel-debug >= 4.1.38-50.1
  • kernel-debug-base >= 4.1.38-50.1
  • kernel-debug-base-debuginfo >= 4.1.38-50.1
  • kernel-debug-debuginfo >= 4.1.38-50.1
  • kernel-debug-debugsource >= 4.1.38-50.1
  • kernel-debug-devel >= 4.1.38-50.1
  • kernel-debug-devel-debuginfo >= 4.1.38-50.1
  • kernel-default >= 4.1.38-50.1
  • kernel-default-base >= 4.1.38-50.1
  • kernel-default-base-debuginfo >= 4.1.38-50.1
  • kernel-default-debuginfo >= 4.1.38-50.1
  • kernel-default-debugsource >= 4.1.38-50.1
  • kernel-default-devel >= 4.1.38-50.1
  • kernel-devel >= 4.1.38-50.1
  • kernel-docs >= 4.1.38-50.3
  • kernel-docs-html >= 4.1.38-50.3
  • kernel-docs-pdf >= 4.1.38-50.3
  • kernel-ec2 >= 4.1.38-50.1
  • kernel-ec2-base >= 4.1.38-50.1
  • kernel-ec2-base-debuginfo >= 4.1.38-50.1
  • kernel-ec2-debuginfo >= 4.1.38-50.1
  • kernel-ec2-debugsource >= 4.1.38-50.1
  • kernel-ec2-devel >= 4.1.38-50.1
  • kernel-macros >= 4.1.38-50.1
  • kernel-obs-build >= 4.1.38-50.2
  • kernel-obs-build-debugsource >= 4.1.38-50.2
  • kernel-obs-qa >= 4.1.38-50.1
  • kernel-pae >= 4.1.38-50.1
  • kernel-pae-base >= 4.1.38-50.1
  • kernel-pae-base-debuginfo >= 4.1.38-50.1
  • kernel-pae-debuginfo >= 4.1.38-50.1
  • kernel-pae-debugsource >= 4.1.38-50.1
  • kernel-pae-devel >= 4.1.38-50.1
  • kernel-pv >= 4.1.38-50.1
  • kernel-pv-base >= 4.1.38-50.1
  • kernel-pv-base-debuginfo >= 4.1.38-50.1
  • kernel-pv-debuginfo >= 4.1.38-50.1
  • kernel-pv-debugsource >= 4.1.38-50.1
  • kernel-pv-devel >= 4.1.38-50.1
  • kernel-source >= 4.1.38-50.1
  • kernel-source-vanilla >= 4.1.38-50.1
  • kernel-syms >= 4.1.38-50.1
  • kernel-vanilla >= 4.1.38-50.1
  • kernel-vanilla-debuginfo >= 4.1.38-50.1
  • kernel-vanilla-debugsource >= 4.1.38-50.1
  • kernel-vanilla-devel >= 4.1.38-50.1
  • kernel-xen >= 4.1.38-50.1
  • kernel-xen-base >= 4.1.38-50.1
  • kernel-xen-base-debuginfo >= 4.1.38-50.1
  • kernel-xen-debuginfo >= 4.1.38-50.1
  • kernel-xen-debugsource >= 4.1.38-50.1
  • kernel-xen-devel >= 4.1.38-50.1
Patchnames:
openSUSE-2017-287
openSUSE Leap 42.2
  • kernel-debug >= 4.4.49-16.1
  • kernel-debug-base >= 4.4.49-16.1
  • kernel-debug-base-debuginfo >= 4.4.49-16.1
  • kernel-debug-debuginfo >= 4.4.49-16.1
  • kernel-debug-debugsource >= 4.4.49-16.1
  • kernel-debug-devel >= 4.4.49-16.1
  • kernel-debug-devel-debuginfo >= 4.4.49-16.1
  • kernel-default >= 4.4.49-16.1
  • kernel-default-base >= 4.4.49-16.1
  • kernel-default-base-debuginfo >= 4.4.49-16.1
  • kernel-default-debuginfo >= 4.4.49-16.1
  • kernel-default-debugsource >= 4.4.49-16.1
  • kernel-default-devel >= 4.4.49-16.1
  • kernel-devel >= 4.4.49-16.1
  • kernel-docs >= 4.4.49-16.2
  • kernel-docs-html >= 4.4.49-16.2
  • kernel-docs-pdf >= 4.4.49-16.2
  • kernel-macros >= 4.4.49-16.1
  • kernel-obs-build >= 4.4.49-16.1
  • kernel-obs-build-debugsource >= 4.4.49-16.1
  • kernel-obs-qa >= 4.4.49-16.1
  • kernel-source >= 4.4.49-16.1
  • kernel-source-vanilla >= 4.4.49-16.1
  • kernel-syms >= 4.4.49-16.1
  • kernel-vanilla >= 4.4.49-16.1
  • kernel-vanilla-base >= 4.4.49-16.1
  • kernel-vanilla-base-debuginfo >= 4.4.49-16.1
  • kernel-vanilla-debuginfo >= 4.4.49-16.1
  • kernel-vanilla-debugsource >= 4.4.49-16.1
  • kernel-vanilla-devel >= 4.4.49-16.1
Patchnames:
openSUSE-2017-286