A user with the CAP_SYS_ADMIN privilege can trigger this flaw when performing a remote code execution exploit on a CIFSv2 server using the “net rpc creds” command against the target. Red Hat has patched the issue in RHEL 7 and RHEL 6.7. Patches for other Linux distributions are available.
“In RHEL 7 and 6.7, a patch for the smb2_ioctl_query_info function has been applied. However, Red Hat recommends that all users of RHEL 6.7 upgrade to a supported Red Hat Enterprise Linux (RHEL) release. The issue has been assigned CVE ID CVE-2017-7407.”
CVE-2017-7405
A user with the CAP_SYS_ADMIN privilege can trigger this flaw when performing a remote code execution exploit on a CIFSv2 server using the “net rpc creds” command against the target. Red Hat has patched the issue in RHEL 7 and RHEL 6.7. Patches for other Linux distributions are available.
“In RHEL 7 and 6.7, a patch for the smb2_ioctl_query_info function has been applied. However, Red Hat recommends that all users of RHEL 6.7 upgrade to a supported Red Hat Enterprise Linux (RHEL) release. The issue has been assigned CVE ID CVE-2017-7405.”
CVE-2017-7406
The “net rpc creds” command issued by the target of a remote code execution exploit can trigger this flaw on Linux when the target is configured to use a CIFSv2 server.
“In RHEL 7 and 6.7, a patch for the smb2_ioctl_query_info function has been applied. However, Red Hat recommends that all users of RHEL 6.7 upgrade to a supported Red Hat Enterprise Linux (RHEL) release. The issue has been assigned CVE ID CVE-2017-7406.”
CVE-2017-7408
The “net rpc creds” command can be abused to create a denial of service condition in the target CIFSv2 server. Red Hat has patched the issue in RHEL 7 and RHEL 6.7. Patches for other Linux distributions are available.
“In RHEL 7 and 6.7, a patch for the smb2_ioctl_query_info function has been applied. However, Red Hat recommends that all users of RHEL 6.7 upgrade to a supported Red Hat Enterprise Linux (RHEL) release. The issue has been assigned CVE ID CVE-2017-7408.”
CVE-2018-5688
A user with the CAP_MAC_ADMIN privilege can trigger this flaw when performing a remote code execution exploit on a Mac OS client using the “net rpc creds” command against the target. Red Hat has patched the issue in RHEL 7 and RHEL 6.7. Patches for other Linux distributions are available.
“In RHEL 7 and 6.7, a patch for the smb2_ioctl_query_info function has been applied. However, Red Hat recommends that all users of RHEL 6.7 upgrade to a supported Red Hat Enterprise Linux (RHEL) release. The issue has been assigned CVE ID CVE-2017-7407.”
CVE-2018-5688 is not currently assigned an identifier by MITRE because it was discovered after CVE-2022-0168 was assigned an identifier by MITRE
CVE-2018-10933
A user with the CAP_NET_BIND_SERVICE privilege can trigger this flaw when performing a remote code execution exploit on a BIND server using the “dig” command against the target. Red Hat has patched the issue in RHEL 7 and RHEL 6.7. Patches for other Linux distributions are available.
“In RHEL 7 and 6.7, a patch for the named-checkzone function has been applied. However, Red Hat recommends that all users of RHEL 6.7 upgrade to a supported Red Hat Enterprise Linux (RHEL) release. The issue has been assigned CVE ID CVE-2017-7408.”
Both CVEs have been assigned "mitigation by disabling DNS services" as a resolution method, so it is recommended that all users disable DNS services after applying patches
Timeline
Published on: 08/26/2022 18:15:00 UTC
Last modified on: 09/01/2022 15:29:00 UTC