Vulnerability & Exploit Database

Displaying all 2 entries

Results for: CVE-2017-17806 Back to search

Debian: CVE-2017-17806: linux -- security update Vulnerability

  • Severity: 7
  • Published: December 19, 2017

The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel stack buffer overf...

SUSE: CVE-2017-17806: SUSE Linux Security Advisory Vulnerability

  • Severity: 7
  • Published: December 19, 2017

The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel stack buffer overf...