Vulnerability CVE-2017-5123: Information

Description

Insufficient data validation in waitid allowed an user to escape sandboxes on Linux.

Severity: HIGH (8.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2017-5123
Published: Nov. 3, 2021
Modified: April 18, 2022
Error type identifier: CWE-20

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
kernel-image-un-defsisyphus4.13.7-alt16.6.31-alt1ALT-PU-2017-2434-1190832Fixed
kernel-image-un-defp104.13.7-alt16.1.85-alt1ALT-PU-2017-2434-1190832Fixed
kernel-image-un-defp94.13.7-alt15.10.216-alt2ALT-PU-2017-2434-1190832Fixed
kernel-image-un-defp84.14.12-alt0.M80P.14.19.310-alt0.M80P.1ALT-PU-2018-1020-1197928Fixed
kernel-image-un-defc10f14.13.7-alt16.1.85-alt0.c10f.1ALT-PU-2017-2434-1190832Fixed
kernel-image-un-defc9f24.13.7-alt15.10.29-alt2ALT-PU-2017-2434-1190832Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://crbug.com/772848
  • Vendor Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=96ca579a1ecc943b75beba58bebb0356f6cc4b51
  • Patch
  • Vendor Advisory
https://security.netapp.com/advisory/ntap-20211223-0003/
  • Third Party Advisory

    1. Configuration 1

      cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
      Start including
      4.13
      End excliding
      4.13.7

      Configuration 2

      cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*

      Configuration 3

      cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
      Running on/with:
      cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

      Configuration 4

      cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
      Running on/with:
      cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

      Configuration 5

      cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
      Running on/with:
      cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

      Configuration 6

      cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*
      Running on/with:
      cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*

      Configuration 7

      cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*
      Running on/with:
      cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*

      Configuration 8

      cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*
      Running on/with:
      cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*

      Configuration 9

      cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
      Running on/with:
      cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.1
Back to top