{"id":"CVE-2017-7558","details":"A kernel data leak due to an out-of-bound read was found in the Linux kernel in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info() functions present since version 4.7-rc1 through version 4.13. A data leak happens when these functions fill in sockaddr data structures used to export socket's diagnostic information. As a result, up to 100 bytes of the slab data could be leaked to a userspace.","modified":"2026-03-10T14:28:34.048533Z","published":"2018-07-26T15:29:00.357Z","related":["MGASA-2017-0381","MGASA-2017-0383","MGASA-2017-0384"],"references":[{"type":"WEB"},{"type":"ADVISORY","url":"http://seclists.org/oss-sec/2017/q3/338"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/100466"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1039221"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:2930"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:2931"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:2918"},{"type":"ADVISORY","url":"https://www.debian.org/security/2017/dsa-3981"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7558"},{"type":"FIX","url":"https://marc.info/?l=linux-netdev&m=150348777122761&w=2"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"4.7"},{"last_affected":"4.13"}]},{"events":[{"introduced":"0"},{"last_affected":"4.7-rc1"}]},{"events":[{"introduced":"0"},{"last_affected":"4.7-rc2"}]},{"events":[{"introduced":"0"},{"last_affected":"4.7-rc3"}]},{"events":[{"introduced":"0"},{"last_affected":"4.7-rc4"}]},{"events":[{"introduced":"0"},{"last_affected":"4.7-rc5"}]},{"events":[{"introduced":"0"},{"last_affected":"4.7-rc6"}]},{"events":[{"introduced":"0"},{"last_affected":"4.7-rc7"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-7558.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}