{"id":"CVE-2017-17449","details":"The __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in the Linux kernel through 4.14.4, when CONFIG_NLMON is enabled, does not restrict observations of Netlink messages to a single net namespace, which allows local users to obtain sensitive information by leveraging the CAP_NET_ADMIN capability to sniff an nlmon interface for all Netlink activity on the system.","modified":"2026-03-15T22:24:03.945451Z","published":"2017-12-07T00:29:00.350Z","related":["SUSE-SU-2017:3398-1","SUSE-SU-2017:3410-1","SUSE-SU-2018:0031-1","SUSE-SU-2018:0115-1","SUSE-SU-2018:0213-1","openSUSE-SU-2024:10728-1","openSUSE-SU-2024:13704-1"],"references":[{"type":"WEB","url":"https://usn.ubuntu.com/3653-2/"},{"type":"WEB","url":"https://source.android.com/security/bulletin/pixel/2018-04-01"},{"type":"WEB","url":"https://usn.ubuntu.com/3619-1/"},{"type":"WEB","url":"https://usn.ubuntu.com/3619-2/"},{"type":"WEB","url":"https://usn.ubuntu.com/3655-1/"},{"type":"WEB","url":"https://usn.ubuntu.com/3655-2/"},{"type":"WEB","url":"https://usn.ubuntu.com/3653-1/"},{"type":"WEB","url":"https://usn.ubuntu.com/3657-1/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2017/dsa-4073"},{"type":"ADVISORY","url":"https://www.debian.org/security/2018/dsa-4082"},{"type":"ADVISORY","url":"https://lkml.org/lkml/2017/12/5/950"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:1062"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:1170"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/102122"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:1130"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:0654"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:0676"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-17449.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"4.14.4"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}]}