The tcpmssmanglepacket function in net/netfilter/xtTCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xtTCPMSS in an iptables action.
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "162258670710416702997586488041210628232", "148964180394642854167106965748630098256", "15984514308700478718840847737910083897", "232735794523049691887418241897364459863", "324155596358226543237301865408864531656", "230697090639336258677461166945617381557", "333144358156474064786568956147931082934" ] }, "signature_type": "Line", "deprecated": false, "source": "https://github.com/torvalds/linux/commit/2638fd0f92d4397884fd991d8f4925cb3f081901", "target": { "file": "net/netfilter/xt_TCPMSS.c" }, "id": "CVE-2017-18017-54b595aa", "signature_version": "v1" }, { "digest": { "length": 2288.0, "function_hash": "258529677211135581736056381308471737043" }, "signature_type": "Function", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@2638fd0f92d4397884fd991d8f4925cb3f081901", "target": { "function": "tcpmss_mangle_packet", "file": "net/netfilter/xt_TCPMSS.c" }, "id": "CVE-2017-18017-67aac2b8", "signature_version": "v1" }, { "digest": { "length": 2288.0, "function_hash": "258529677211135581736056381308471737043" }, "signature_type": "Function", "deprecated": false, "source": "https://github.com/torvalds/linux/commit/2638fd0f92d4397884fd991d8f4925cb3f081901", "target": { "function": "tcpmss_mangle_packet", "file": "net/netfilter/xt_TCPMSS.c" }, "id": "CVE-2017-18017-b06ea2bf", "signature_version": "v1" }, { "digest": { "threshold": 0.9, "line_hashes": [ "162258670710416702997586488041210628232", "148964180394642854167106965748630098256", "15984514308700478718840847737910083897", "232735794523049691887418241897364459863", "324155596358226543237301865408864531656", "230697090639336258677461166945617381557", "333144358156474064786568956147931082934" ] }, "signature_type": "Line", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@2638fd0f92d4397884fd991d8f4925cb3f081901", "target": { "file": "net/netfilter/xt_TCPMSS.c" }, "id": "CVE-2017-18017-eea7e029", "signature_version": "v1" } ] }