Skip to main content

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

Vulnerability IntelligenceUBUNTU-CVE-2017-18017

UBUNTU-CVE-2017-18017

CRITICAL9.8

The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory

Published Jan 3, 2018

Modified 8 months ago

Fix available

Details

The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.

Affected Packages(144 packages)

linux

Ubuntu 22.04 LTS

Fixed in:

5.13.0-19.19

linux

Ubuntu 14.04 LTS

Affected versions:

3.11.0-12.193.12.0-1.33.12.0-2.53.12.0-2.73.12.0-3.83.12.0-3.93.12.0-4.103.12.0-4.123.12.0-5.133.12.0-7.15+116 more

Fixed in:

3.13.0-142.191

linux

Ubuntu 24.04 LTS

Fixed in:

6.5.0-9.9

linux

Ubuntu 24.10

Fixed in:

6.8.0-31.31

linux

Ubuntu 16.04 LTS

Affected versions:

4.2.0-16.194.2.0-17.214.2.0-19.234.3.0-1.104.3.0-2.114.3.0-5.164.3.0-6.174.3.0-7.184.4.0-10.254.4.0-11.26+46 more

Fixed in:

4.4.0-89.112

linux

Ubuntu 18.04 LTS

Fixed in:

4.13.0-16.19

linux

Ubuntu 20.04 LTS

Affected versions:

5.3.0-18.195.3.0-24.26

Fixed in:

5.4.0-9.12

linux-aws

Ubuntu 22.04 LTS

Fixed in:

5.13.0-1005.6

linux-aws

Ubuntu 14.04 LTS

Fixed in:

4.4.0-1002.2

linux-aws

Ubuntu 16.04 LTS

Affected versions:

4.4.0-1001.104.4.0-1003.124.4.0-1004.134.4.0-1007.164.4.0-1009.184.4.0-1011.204.4.0-1012.214.4.0-1013.224.4.0-1016.254.4.0-1017.26+4 more

Fixed in:

4.4.0-1028.37

References

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2638fd0f92d4397884fd991d8f4925cb3f081901

http://patchwork.ozlabs.org/patch/746618/

https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1739765

https://github.com/torvalds/linux/commit/2638fd0f92d4397884fd991d8f4925cb3f081901

https://lkml.org/lkml/2017/4/2/13

https://ubuntu.com/security/CVE-2017-18017

https://ubuntu.com/security/notices/USN-3583-1

https://ubuntu.com/security/notices/USN-3583-2

https://www.cve.org/CVERecord?id=CVE-2017-18017

https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.36

CVSS Analysis

CVSS v3.1

Exploitability

Attack Vector

NetworkAV:N

Attack Complexity

LowAC:L

Privileges Required

NonePR:N

User Interaction

NoneUI:N

Scope

Scope

UnchangedS:U

Impact

Confidentiality

HighC:H

Integrity

HighI:H

Availability

HighA:H

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Related

CVE-2017-18017 USN-3583-1 USN-3583-2

Ecosystems(27)

Ubuntu 22.04 LTS Ubuntu 14.04 LTS Ubuntu 24.04 LTS Ubuntu 24.10 Ubuntu 16.04 LTS

Timeline

PublishedJan 3, 2018

ModifiedJun 24, 2025

UBUNTU-CVE-2017-18017 | Mondoo Vulnerability Intelligence