{
  "threat_severity" : "Moderate",
  "public_date" : "2017-02-16T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: Off-by-one error in selinux_setprocattr (/proc/self/attr/fscreate)",
    "id" : "1419916",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1419916"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.5",
    "cvss3_scoring_vector" : "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-193",
  "details" : [ "A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory.", "A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory." ],
  "statement" : "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6 due to a missing commit ( bb646cdb12e75d82258c2f2e7746d5952d3e321a ) which enabled changed system behavior.\nThis issue does affect Red Hat Enteprise Linux 7 and MRG-2 kernels. A future Linux kernel updates for the respective releases may address this issue.",
  "acknowledgement" : "This issue was discovered by Paul Moore (Red Hat Engineering).",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2017-04-12T00:00:00Z",
    "advisory" : "RHSA-2017:0931",
    "cpe" : "cpe:/a:redhat:rhel_extras_rt:7",
    "package" : "kernel-rt-0:3.10.0-514.16.1.rt56.437.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2017-04-12T00:00:00Z",
    "advisory" : "RHSA-2017:0933",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "kernel-0:3.10.0-514.16.1.el7"
  }, {
    "product_name" : "Red Hat Enterprise MRG 2",
    "release_date" : "2017-04-12T00:00:00Z",
    "advisory" : "RHSA-2017:0932",
    "cpe" : "cpe:/a:redhat:enterprise_mrg:2:server:el6",
    "package" : "kernel-rt-1:3.10.0-514.rt56.219.el6rt"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2017-2618\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-2618" ],
  "name" : "CVE-2017-2618",
  "csaw" : false
}