H3C Security Vulnerability - Linux kernel LDT use after free - CVE-2017-17053
04-02-2021【Summary】
The init_new_context function inarch/x86/include/asm/mmu_context.hin the Linux kernel before 4.12.10 does not correctly handle errors from LDT table allocation when forking a new process, allowing a local attacker to achieve a use-after-free or possibly have unspecified other impact by running a specially crafted program. This vulnerability only affected kernels built with CONFIG_MODIFY_LDT_SYSCALL=y.
【Impact】
An attacker could use this flaw to cause memory corruption or possibly other impact.
【Software Versions and Fixes】
Product Name | Affected Version | Resolved Product and Version |
S3100V3 | All | TBC before Jan 31,2020 |
S6520X | All | TBC before Jan 31,2020 |
vBRAS | All | Upgrade to CMW710- E1116L09 |
vLNS | All | Upgrade to CMW710- E1116L09 |
T10X0 | All | Upgrade to CMW710- R8524P25 |
T5010/T5020 | All | Upgrade to CMW710- R8524P25 |
T5080 | All | Upgrade to CMW710- R8504P25 |
vFW | All | Upgrade to CMW710- E1171P12 |
S5130S-EI | All | TBC before Jan 31,2020 |
SecBlade IV IPS | All | Upgrade to CMW710- R8522P25 |
S5560X | All | TBC before Jan 31,2020 |
SecBlade III NetStream | All | Upgrade to CMW710- R8528P25 |
SecBlade IV NetStream | All | Upgrade to CMW710- R8524P25 |
SecBlade IV NGFW | All | Upgrade to CMW710- R8524P25 |
SecBlade IV LSPM6FWD | All | Upgrade to CMW710- R8523P25 |
SecBlade III NGFW | All | Upgrade to CMW710- R8229P25 |
D2000-G | All | TBC before Jan 31,2020 |
R4900 G2 | All | TBC before Jan 31,2020 |
【Temporary Fix】
None
【Revision History】
2019-12-16 V1.0 INITIAL
H3C advocates that every effort be made to safeguard the ultimate interests of product users, to abide by principles of responsible disclosure of security incidents, and to handle product security issues in accordance with security issues mechanisms. For information on H3C's security emergency response service and H3C product vulnerabilities, please visithttps://www.h3c.com/en/Support/Online_Help/psirt/.