CVE-2017-12762

Impact:
Low
Public Date:
2017-08-03
CWE:
CWE-120
Bugzilla:
1481178: CVE-2017-12762 kernel: Buffer overflow due to unbounded strcpy in ISDN I4L driver
A buffer overflow was found in the Linux kernel's isdn_net_newslave() function in the /drivers/isdn/i4l/isdn_net.c file. An overflow happens when the user-controlled buffer is copied into a local buffer of constant size using strcpy() without a length check.

Find out more about CVE-2017-12762 from the MITRE CVE dictionary and NIST NVD.

Statement

This issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5, 6, 7 and Red Hat Enterprise MRG 2. This has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.

CVSS v3 metrics

NOTE: The following CVSS v3 metrics and score provided are preliminary and subject to review.

CVSS3 Base Score 4.7
CVSS3 Base Metrics CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H
Attack Vector Local
Attack Complexity High
Privileges Required High
User Interaction None
Scope Unchanged
Confidentiality None
Integrity Impact Low
Availability Impact High

Affected Packages State

Platform Package State
Red Hat Enterprise MRG 2 realtime-kernel Will not fix
Red Hat Enterprise Linux 7 kernel Will not fix
Red Hat Enterprise Linux 7 kernel-rt Will not fix
Red Hat Enterprise Linux 7 kernel-alt Affected
Red Hat Enterprise Linux 6 kernel Will not fix
Red Hat Enterprise Linux 5 kernel Will not fix

Mitigation

The ISDN kernel module is automatically loaded when the system boots and the ISDN service is present and enabled. The kernel module can be prevented from being loaded by using system-wide modprobe rules. Run the following command to blacklist the ISDN module, thus preventing it from loading:

# echo "install isdn /bin/true" >> /etc/modprobe.d/disable-isdn.conf

On RHEL 6, execute the following command as root to check if any ISDN-related services are present:

# chkconfig --list | grep isdn

and disable them if they are:

# chkconfig isdn off

(or use the name of another ISDN-related service)
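
To confirm that the mitigation above is in effect, the following added example (not part of the original advisory or any Red Hat tooling) checks a modprobe configuration directory and a /proc/modules-format file. The function names and status strings are assumptions made for illustration, and accepting /bin/false alongside /bin/true is a choice of this example.

```shell
#!/bin/sh
# Added example: audit the ISDN module mitigation on a host or on copied config.
# Function names and status strings are illustrative, not Red Hat tooling.

# has_rule RULE_REGEX [DIR]: succeed if any DIR/*.conf has a matching active line.
has_rule() {
    grep -Eqs "^[[:space:]]*$1[[:space:]]*\$" "${2:-/etc/modprobe.d}"/*.conf
}

# The rule from the advisory: replace loading of "isdn" with a no-op command.
# /bin/false is accepted too; it also blocks the load but makes modprobe fail.
isdn_install_rule() {
    has_rule 'install[[:space:]]+isdn[[:space:]]+(/usr)?/bin/(true|false)' "$1"
}

# "blacklist isdn" only stops alias-based autoloading; an explicit
# "modprobe isdn" or a dependent module can still pull the module in.
isdn_blacklist_only() {
    has_rule 'blacklist[[:space:]]+isdn' "$1" && ! isdn_install_rule "$1"
}

# isdn_loaded [FILE]: FILE is in /proc/modules format (module name is first field).
isdn_loaded() {
    grep -Eqs '^isdn[[:space:]]' "${1:-/proc/modules}"
}

# isdn_mitigation_status [CONF_DIR] [MODULES_FILE]
# Prints: mitigated | still-loaded | blacklist-only | rule-missing
isdn_mitigation_status() {
    if isdn_install_rule "$1"; then
        # The rule only affects future load attempts, so a module that is
        # already resident needs to be unloaded or the host rebooted.
        if isdn_loaded "$2"; then echo still-loaded; else echo mitigated; fi
    elif isdn_blacklist_only "$1"; then
        echo blacklist-only
    else
        echo rule-missing
    fi
}
```

Calling `isdn_mitigation_status` with no arguments checks the live /etc/modprobe.d and /proc/modules.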
