CVE-2017-17805

Published: Dec 20, 2017Modified: May 13, 2026

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and kernel crash) or have unspecified other impact by executing a crafted sequence of system calls that use the blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c) and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable.

Affected (22)

Products: Linux: Linux Kernel · Debian: Debian Linux · Opensuse: Leap · +3 more

Show all products

Linux: Linux Kernel · Debian: Debian Linux · Opensuse: Leap · Opensuse Project: Leap · Suse: Linux Enterprise Desktop, Linux Enterprise Server, Linux Enterprise Server For Raspberry Pi · Canonical: Ubuntu Linux

1 product

1 product

1 product

1 product

3 products

Linux Enterprise Desktop

Linux Enterprise Server

Linux Enterprise Server For Raspberry Pi

Canonical

1 product

Ubuntu Linux

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 2.6.25 to 3.2.97
Linux Linux Kernel	From 3.17 to 3.18.89
Linux Linux Kernel	From 3.19 to 4.1.49
Linux Linux Kernel	From 3.3 to 3.16.52
Linux Linux Kernel	From 4.10 to 4.14.8
Linux Linux Kernel	From 4.2 to 4.4.107
Linux Linux Kernel	From 4.5 to 4.9.71

Configuration B

11 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 8.0
Debian Debian Linux	Version 9.0
Opensuse Leap	Version 42.2
Opensuse Project Leap	Version 42.3
Suse Linux Enterprise Desktop	Version 12 sp2
Suse Linux Enterprise Desktop	Version 12 sp3
Suse Linux Enterprise Server	Version 11 extra
Suse Linux Enterprise Server	Version 11 sp4
Suse Linux Enterprise Server	Version 12 sp2
Suse Linux Enterprise Server	Version 12 sp3
Suse Linux Enterprise Server For Raspberry Pi	Version 12 sp2

Configuration C

4 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 12.04
Canonical Ubuntu Linux	Version 14.04
Canonical Ubuntu Linux	Version 16.04
Canonical Ubuntu Linux	Version 17.10

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (48)

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ecaaab5649781c5a0effdaf298a925063020500e

Source: cve@mitre.org

Patch

http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html

Source: cve@mitre.org

Third Party Advisory

http://www.securityfocus.com/bid/102291

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://access.redhat.com/errata/RHSA-2018:2948

Source: cve@mitre.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:3083

Source: cve@mitre.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:3096

Source: cve@mitre.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2019:2473

Source: cve@mitre.org

Third Party Advisory

https://github.com/torvalds/linux/commit/ecaaab5649781c5a0effdaf298a925063020500e

Source: cve@mitre.org

Patch

https://lists.debian.org/debian-lts-announce/2018/01/msg00004.html

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/3617-1/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/3617-2/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/3617-3/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/3619-1/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/3619-2/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/3620-1/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/3620-2/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/3632-1/

Source: cve@mitre.org

Third Party Advisory

https://www.debian.org/security/2017/dsa-4073

Source: cve@mitre.org

Third Party Advisory

https://www.debian.org/security/2018/dsa-4082

Source: cve@mitre.org

Third Party Advisory

https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.8

Source: cve@mitre.org

Issue TrackingRelease Notes

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ecaaab5649781c5a0effdaf298a925063020500e