{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-28T18:17:19.270","vulnerabilities":[{"cve":{"id":"CVE-2017-7482","sourceIdentifier":"secalert@redhat.com","published":"2018-07-30T14:29:02.990","lastModified":"2024-11-21T03:31:59.407","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. This could lead to the size-remaining variable wrapping and the data pointer going over the end of the buffer. This could possibly lead to memory corruption and possible privilege escalation."},{"lang":"es","value":"en el kernel de Linux en versiones anteriores a la 4.12, los tickets de Kerberos 5 descifrados al emplear las claves RXRPC de forma incorrecta asumen el tamaño de un campo. Esto podría conducir a un wrapping de la variable que mantiene el tamaño y en que el puntero de datos vaya más allá final del búfer. Esto podría conducir a una corrupción de memoria y a un posible escalado de privilegios."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV30":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.2}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-190"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-190"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"3.2.90","matchCriteriaId":"429C1A9C-998E-457D-8DE5-1CCBA72086E8"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.3","versionEndExcluding":"3.10.108","matchCriteriaId":"7AEC5142-D74C-40FD-9F20-286B9566A40E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.11","versionEndExcluding":"3.16.45","matchCriteriaId":"63252E95-BB44-4171-81B3-530571754ACD"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.17","versionEndExcluding":"3.18.59","matchCriteriaId":"DFCD44DB-A537-4F77-B2DC-E0F3EF3FC431"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.19","versionEndExcluding":"4.1.43","matchCriteriaId":"5F6B255F-0933-4983-B3F6-AD5B128A8F04"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.2","versionEndExcluding":"4.4.75","matchCriteriaId":"210DE424-BB18-453F-8EC0-528DB62330A3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5","versionEndExcluding":"4.9.35","matchCriteriaId":"756E8245-FDA8-4533-839F-003E1102C971"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.10","versionEndExcluding":"4.11.8","matchCriteriaId":"EC396324-C7F1-4F5F-8C7B-1F084DF92D5B"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"DEECE5FC-CACF-4496-A3E7-164736409252"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*","matchCriteriaId":"C60FA8B1-1802-4522-A088-22171DCF7A93"}]}]}],"references":[{"url":"http://seclists.org/oss-sec/2017/q2/602","source":"secalert@redhat.com","tags":["Mailing List","Patch","Third Party Advisory"]},{"url":"http://www.securityfocus.com/bid/99299","source":"secalert@redhat.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1038787","source":"secalert@redhat.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://access.redhat.com/errata/RHSA-2019:0641","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7482","source":"secalert@redhat.com","tags":["Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5f2f97656ada8d811d3c1bef503ced266fcd53a0","source":"secalert@redhat.com","tags":["Patch","Vendor Advisory"]},{"url":"https://www.debian.org/security/2017/dsa-3927","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2017/dsa-3945","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"http://seclists.org/oss-sec/2017/q2/602","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Patch","Third Party Advisory"]},{"url":"http://www.securityfocus.com/bid/99299","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1038787","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://access.redhat.com/errata/RHSA-2019:0641","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7482","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5f2f97656ada8d811d3c1bef503ced266fcd53a0","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"https://www.debian.org/security/2017/dsa-3927","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2017/dsa-3945","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}