CVE-2017-11089

Impact:
Moderate
Public Date:
2017-07-07
CWE:
CWE-125
Bugzilla:
1564038: CVE-2017-11089 kernel: Out-of-bounds read in nl80211_set_station allows privileged local attacker to cause system crash or possibly code execution
A flaw was found in the netlink 802.11 configuration interface. A local privileged attacker (CAP_NET_ADMIN) could crash the system or possibly execute arbitrary code.

Find out more about CVE-2017-11089 from the MITRE CVE dictionary dictionary and NIST NVD.

CVSS v3 metrics

NOTE: The following CVSS v3 metrics and score provided are preliminary and subject to review.

CVSS3 Base Score 6.4
CVSS3 Base Metrics CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity High
Privileges Required High
User Interaction None
Scope Unchanged
Confidentiality High
Integrity Impact High
Availability Impact High

Affected Packages State

Platform Package State
Red Hat Enterprise MRG 2 realtime-kernel Not affected
Red Hat Enterprise Linux 7 kernel-alt Not affected
Red Hat Enterprise Linux 7 kernel Not affected
Red Hat Enterprise Linux 7 kernel-rt Not affected
Red Hat Enterprise Linux 6 kernel Will not fix
Red Hat Enterprise Linux 5 kernel Not affected

Last Modified
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.