{
  "threat_severity" : "Moderate",
  "public_date" : "2017-06-08T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: dereferencing NULL payload with nonzero length",
    "id" : "1500391",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1500391"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.5",
    "cvss3_scoring_vector" : "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-476",
  "details" : [ "security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length value, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192.", "A flaw was found in the implementation of associative arrays where the add_key systemcall and KEYCTL_UPDATE operations allowed for a NULL payload with a nonzero length. When accessing the payload within this length parameters value, an unprivileged user could trivially cause a NULL pointer dereference (kernel oops)." ],
  "statement" : "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise\nLinux 5,6,7, MRG-2 and realtime kernels.\nRed Hat Enterprise Linux 5 has transitioned to Production phase 3.  \nDuring the Production 3 Phase, Critical impact Security Advisories (RHSAs) \nand selected Urgent Priority Bug Fix Advisories (RHBAs) may be released \nas they become available.\nAt this time this bug is not meet this critera and is unlikley to be fixed\nfor these releases.\nThe official life cycle policy can be reviewed here:\nhttp://redhat.com/rhel/lifecycle\nFuture Linux kernel updates for the products in production phase 1 and 2, namely Red Hat Enterprise\nLinux 6, 7 and MRG-2 may address this issue.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2018-04-10T00:00:00Z",
    "advisory" : "RHSA-2018:0676",
    "cpe" : "cpe:/a:redhat:rhel_extras_rt:7",
    "package" : "kernel-rt-0:3.10.0-862.rt56.804.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2018-04-10T00:00:00Z",
    "advisory" : "RHSA-2018:1062",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "kernel-0:3.10.0-862.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.4 Extended Update Support",
    "release_date" : "2019-07-30T00:00:00Z",
    "advisory" : "RHSA-2019:1946",
    "cpe" : "cpe:/o:redhat:rhel_eus:7.4",
    "package" : "kernel-0:3.10.0-693.55.1.el7"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Will not fix",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel-alt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise MRG 2",
    "fix_state" : "Affected",
    "package_name" : "realtime-kernel",
    "cpe" : "cpe:/a:redhat:enterprise_mrg:2"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2017-15274\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-15274" ],
  "name" : "CVE-2017-15274",
  "csaw" : false
}