[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2017-7184":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":18,"aliases":19,"duplicate_of":9,"upstream":20,"downstream":21,"duplicates":110,"related":111,"reserved_at":9,"published_at":145,"modified_at":146,"state":147,"summary":148,"references_raw":157,"kevs":230,"epss":231,"epss_history":234,"metrics":494,"affected":505},"CVE-2017-7184","The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":9,"likelihood_of_exploit":9,"capec":17},"NVD-CWE-NOINFO","Insufficient Information","NVD uses this CWE ID when there is insufficient information to assign a specific CWE.","placeholder","NVD-Reserved",[],[],[],[],[22,24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92,94,96,98,100,102,104,106,108],{"_key":23},"SUSE-SU-2017:0887-1",{"_key":25},"SUSE-SU-2017:1990-1",{"_key":27},"SUSE-SU-2017:2342-1",{"_key":29},"SUSE-SU-2017:0864-1",{"_key":31},"SUSE-SU-2017:0865-1",{"_key":33},"SUSE-SU-2017:0866-1",{"_key":35},"SUSE-SU-2017:0867-1",{"_key":37},"SUSE-SU-2017:0868-1",{"_key":39},"SUSE-SU-2017:0869-1",{"_key":41},"SUSE-SU-2017:0870-1",{"_key":43},"SUSE-SU-2017:0871-1",{"_key":45},"SUSE-SU-2017:0872-1",{"_key":47},"SUSE-SU-2017:0873-1",{"_key":49},"SUSE-SU-2017:0874-1",{"_key":51},"SUSE-SU-2017:0875-1",{"_key":53},"SUSE-SU-2017:0876-1",{"_key":55},"SUSE-SU-2017:0877-1",{"_key":57},"SUSE-SU-2017:0878-1",{"_key":59},"SUSE-SU-2017:0879-1",{"_key":61},"SUSE-SU-2017:0880-1",{"_key":63},"SUSE-SU-2017:0881-1",{"_key":65},"SUSE-SU-2017:0882-1",{"_key":67},"SUSE-SU-2017:0883-1",{"_key":69},"SUSE-SU-2017:0884-1",{"_key":71},"SUSE-SU-2017:0885-1",{"_key":73},"SUSE-SU-2017:0886-1",{"_key":75},"SUSE-SU-2017:0888-1",{"_key":77},"SUSE-SU-2017:0889-1",{"_key":79},"SUSE-SU-2017:1301-1",{"_key":81},"SUSE-SU-2017:2525-1",{"_key":83},"USN-3249-2",{"_key":85},"USN-3251-2",{"_key":87},"DLA-922-1",{"_key":89},"MGASA-2017-0097",{"_key":91},"MGASA-2017-0098",{"_key":93},"MGASA-2017-0099",{"_key":95},"UBUNTU-CVE-2017-7184",{"_key":97},"USN-3249-1",{"_key":99},"USN-3250-1",{"_key":101},"DEBIAN-CVE-2017-7184",{"_key":103},"RHSA-2017:2918",{"_key":105},"RHSA-2017:2930",{"_key":107},"RHSA-2017:2931",{"_key":109},"RHSA-2019:4159",[],[112,113,114,115,116,117,118,119,120,121,122,123,124,125,126,127,128,129,130,131,132,133,134,135,136,137,138,139,140,141,142,143,144],{"_key":23},{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":65},{"_key":67},{"_key":69},{"_key":71},{"_key":73},{"_key":75},{"_key":77},{"_key":79},{"_key":81},{"_key":89},{"_key":91},{"_key":93},"2017-03-19T18:00:00.000Z","2024-08-05T15:56:35.949Z","Modified",{"cisa_kev":149,"cisa_ransomware":149,"cisa_vendor":9,"epss_severity":150,"epss_score":151,"severity":152,"severity_score":153,"severity_version":154,"severity_source":155,"severity_vector":156,"severity_status":147},false,"low",0.02659,"high",7.8,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",[158,166,172,177,181,187,191,196,200,204,208,212,217,222,226],{"url":159,"sources":160,"tags":162},"https://blog.trendmicro.com/results-pwn2own-2017-day-one/",[161,155],"cve.org",[163,164,165],"X Refsource MISC","Technical Description","Third Party Advisory",{"url":167,"sources":168,"tags":169},"https://access.redhat.com/errata/RHSA-2017:2918",[161,155],[170,171,165],"Vendor Advisory","X Refsource REDHAT",{"url":173,"sources":174,"tags":175},"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=677e806da4d916052585301785d847c3b3e6186a",[161,155],[176,170],"X Refsource CONFIRM",{"url":178,"sources":179,"tags":180},"https://access.redhat.com/errata/RHSA-2017:2931",[161,155],[170,171,165],{"url":182,"sources":183,"tags":184},"http://www.securityfocus.com/bid/97018",[161,155],[185,186,165],"VDB Entry","X Refsource BID",{"url":188,"sources":189,"tags":190},"https://source.android.com/security/bulletin/2017-05-01",[161,155],[176,165],{"url":192,"sources":193,"tags":194},"http://www.securitytracker.com/id/1038166",[161,155],[185,195,165],"X Refsource SECTRACK",{"url":197,"sources":198,"tags":199},"https://github.com/torvalds/linux/commit/f843ee6dd019bcece3e74e76ad9df0155655d0df",[161,155],[176,165],{"url":201,"sources":202,"tags":203},"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f843ee6dd019bcece3e74e76ad9df0155655d0df",[161,155],[176,170],{"url":205,"sources":206,"tags":207},"http://www.eweek.com/security/ubuntu-linux-falls-on-day-1-of-pwn2own-hacking-competition",[161,155],[163,164,165],{"url":209,"sources":210,"tags":211},"https://github.com/torvalds/linux/commit/677e806da4d916052585301785d847c3b3e6186a",[161,155],[176,165],{"url":213,"sources":214,"tags":215},"https://twitter.com/thezdi/status/842126074435665920",[161,155],[163,216,165],"Press/Media Coverage",{"url":218,"sources":219,"tags":220},"http://openwall.com/lists/oss-security/2017/03/29/2",[161,155],[176,221,165],"Mailing List",{"url":223,"sources":224,"tags":225},"https://access.redhat.com/errata/RHSA-2017:2930",[161,155],[170,171,165],{"url":227,"sources":228,"tags":229},"https://access.redhat.com/errata/RHSA-2019:4159",[161,155],[170,171,165],[],{"date":232,"score":151,"percentile":233},"2026-06-03",0.86059,[235,239,242,245,248,251,254,257,260,263,266,269,272,275,278,282,285,288,291,294,297,300,303,305,307,310,312,315,318,321,324,327,330,333,335,337,340,343,346,349,352,354,357,360,363,366,369,372,375,377,380,383,386,388,391,394,397,400,403,406,409,412,415,418,420,423,425,428,430,433,437,440,443,446,449,452,455,458,461,463,466,469,472,474,477,480,483,485,488,491],{"date":236,"score":237,"percentile":238},"2025-11-04",0.01765,0.82006,{"date":240,"score":237,"percentile":241},"2025-11-05",0.82007,{"date":243,"score":237,"percentile":244},"2025-11-06",0.82011,{"date":246,"score":237,"percentile":247},"2025-11-07",0.82021,{"date":249,"score":237,"percentile":250},"2025-11-08",0.82029,{"date":252,"score":237,"percentile":253},"2025-11-09",0.82025,{"date":255,"score":237,"percentile":256},"2025-11-10",0.82018,{"date":258,"score":237,"percentile":259},"2025-11-11",0.82027,{"date":261,"score":237,"percentile":262},"2025-11-12",0.82037,{"date":264,"score":237,"percentile":265},"2025-11-13",0.82043,{"date":267,"score":237,"percentile":268},"2025-11-14",0.82046,{"date":270,"score":237,"percentile":271},"2025-11-15",0.82041,{"date":273,"score":237,"percentile":274},"2025-11-16",0.82042,{"date":276,"score":237,"percentile":277},"2025-11-17",0.82039,{"date":279,"score":280,"percentile":281},"2025-11-18",0.00468,0.61817,{"date":283,"score":280,"percentile":284},"2025-11-19",0.61834,{"date":286,"score":280,"percentile":287},"2025-11-20",0.61823,{"date":289,"score":237,"percentile":290},"2025-11-21",0.82054,{"date":292,"score":237,"percentile":293},"2025-11-22",0.82056,{"date":295,"score":237,"percentile":296},"2025-11-23",0.8205,{"date":298,"score":237,"percentile":299},"2025-11-24",0.82049,{"date":301,"score":237,"percentile":302},"2025-11-25",0.82044,{"date":304,"score":237,"percentile":302},"2025-11-26",{"date":306,"score":237,"percentile":296},"2025-11-27",{"date":308,"score":237,"percentile":309},"2025-11-28",0.8204,{"date":311,"score":237,"percentile":268},"2025-11-29",{"date":313,"score":237,"percentile":314},"2025-11-30",0.82051,{"date":316,"score":237,"percentile":317},"2025-12-01",0.82124,{"date":319,"score":237,"percentile":320},"2025-12-02",0.82126,{"date":322,"score":237,"percentile":323},"2025-12-03",0.82125,{"date":325,"score":237,"percentile":326},"2025-12-04",0.82048,{"date":328,"score":237,"percentile":329},"2025-12-05",0.82055,{"date":331,"score":237,"percentile":332},"2025-12-06",0.82053,{"date":334,"score":237,"percentile":314},"2025-12-07",{"date":336,"score":237,"percentile":290},"2025-12-08",{"date":338,"score":237,"percentile":339},"2025-12-09",0.82073,{"date":341,"score":237,"percentile":342},"2025-12-10",0.82099,{"date":344,"score":237,"percentile":345},"2025-12-11",0.82117,{"date":347,"score":237,"percentile":348},"2025-12-12",0.82127,{"date":350,"score":237,"percentile":351},"2025-12-13",0.82128,{"date":353,"score":237,"percentile":323},"2025-12-14",{"date":355,"score":237,"percentile":356},"2025-12-15",0.82122,{"date":358,"score":237,"percentile":359},"2025-12-16",0.82133,{"date":361,"score":237,"percentile":362},"2025-12-17",0.82139,{"date":364,"score":237,"percentile":365},"2025-12-18",0.8215,{"date":367,"score":237,"percentile":368},"2025-12-19",0.82156,{"date":370,"score":237,"percentile":371},"2025-12-20",0.82148,{"date":373,"score":237,"percentile":374},"2025-12-21",0.82146,{"date":376,"score":237,"percentile":365},"2025-12-22",{"date":378,"score":237,"percentile":379},"2025-12-23",0.82153,{"date":381,"score":237,"percentile":382},"2025-12-24",0.82162,{"date":384,"score":237,"percentile":385},"2025-12-25",0.82177,{"date":387,"score":237,"percentile":385},"2025-12-26",{"date":389,"score":237,"percentile":390},"2025-12-27",0.82206,{"date":392,"score":237,"percentile":393},"2025-12-28",0.82164,{"date":395,"score":237,"percentile":396},"2025-12-29",0.82159,{"date":398,"score":237,"percentile":399},"2025-12-30",0.82166,{"date":401,"score":237,"percentile":402},"2025-12-31",0.82178,{"date":404,"score":237,"percentile":405},"2026-01-01",0.82247,{"date":407,"score":237,"percentile":408},"2026-01-02",0.82242,{"date":410,"score":237,"percentile":411},"2026-01-03",0.82237,{"date":413,"score":237,"percentile":414},"2026-01-04",0.82155,{"date":416,"score":237,"percentile":417},"2026-01-05",0.82151,{"date":419,"score":237,"percentile":414},"2026-01-06",{"date":421,"score":237,"percentile":422},"2026-01-07",0.82158,{"date":424,"score":237,"percentile":393},"2026-01-08",{"date":426,"score":237,"percentile":427},"2026-01-09",0.82165,{"date":429,"score":237,"percentile":399},"2026-01-10",{"date":431,"score":237,"percentile":432},"2026-01-11",0.82163,{"date":434,"score":435,"percentile":436},"2026-01-12",0.01879,0.82665,{"date":438,"score":435,"percentile":439},"2026-01-13",0.8266,{"date":441,"score":435,"percentile":442},"2026-01-14",0.82679,{"date":444,"score":435,"percentile":445},"2026-01-15",0.82676,{"date":447,"score":435,"percentile":448},"2026-01-16",0.82685,{"date":450,"score":435,"percentile":451},"2026-01-17",0.82687,{"date":453,"score":435,"percentile":454},"2026-01-18",0.82684,{"date":456,"score":435,"percentile":457},"2026-01-19",0.8268,{"date":459,"score":435,"percentile":460},"2026-01-20",0.82682,{"date":462,"score":435,"percentile":451},"2026-01-21",{"date":464,"score":435,"percentile":465},"2026-01-22",0.82694,{"date":467,"score":435,"percentile":468},"2026-01-23",0.82715,{"date":470,"score":435,"percentile":471},"2026-01-24",0.82722,{"date":473,"score":435,"percentile":468},"2026-01-25",{"date":475,"score":435,"percentile":476},"2026-01-26",0.82713,{"date":478,"score":435,"percentile":479},"2026-01-27",0.8271,{"date":481,"score":435,"percentile":482},"2026-01-28",0.82712,{"date":484,"score":435,"percentile":468},"2026-01-29",{"date":486,"score":435,"percentile":487},"2026-01-30",0.8272,{"date":489,"score":435,"percentile":490},"2026-01-31",0.82726,{"date":492,"score":435,"percentile":493},"2026-02-01",0.82803,[495],{"source":155,"cvss_v2_0":496,"cvss_v3_0":9,"cvss_v3_1":501,"cvss_v4_0":9},{"baseScore":497,"baseSeverity":9,"vectorString":498,"impactScore":499,"exploitabilityScore":500},7.2,"AV:L/AC:L/Au:N/C:C/I:C/A:C",10,3.9,{"baseScore":153,"baseSeverity":502,"vectorString":156,"impactScore":503,"exploitabilityScore":504},"HIGH",9.8,4.6,[506],{"ecosystem":9,"name":507,"vendor":508,"product":509,"cpe_part":510,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":511},"linux kernel","linux","linux_kernel","o",[512,515,520,525,529,533,537,541,545,549],{"version":513,"is_range":149,"range_type":514,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.8","cpe",{"version":516,"is_range":517,"range_type":514,"version_start":9,"version_start_type":9,"version_end":518,"version_end_type":519,"fixed_in":9},"lt3.2.89",true,"3.2.89","excluding",{"version":521,"is_range":517,"range_type":514,"version_start":522,"version_start_type":523,"version_end":524,"version_end_type":519,"fixed_in":9},"gte3.3_lt3.10.106","3.3","including","3.10.106",{"version":526,"is_range":517,"range_type":514,"version_start":527,"version_start_type":523,"version_end":528,"version_end_type":519,"fixed_in":9},"gte3.11_lt3.12.73","3.11","3.12.73",{"version":530,"is_range":517,"range_type":514,"version_start":531,"version_start_type":523,"version_end":532,"version_end_type":519,"fixed_in":9},"gte3.13_lt3.16.44","3.13","3.16.44",{"version":534,"is_range":517,"range_type":514,"version_start":535,"version_start_type":523,"version_end":536,"version_end_type":519,"fixed_in":9},"gte3.17_lt3.18.49","3.17","3.18.49",{"version":538,"is_range":517,"range_type":514,"version_start":539,"version_start_type":523,"version_end":540,"version_end_type":519,"fixed_in":9},"gte3.19_lt4.1.49","3.19","4.1.49",{"version":542,"is_range":517,"range_type":514,"version_start":543,"version_start_type":523,"version_end":544,"version_end_type":519,"fixed_in":9},"gte4.2_lt4.4.59","4.2","4.4.59",{"version":546,"is_range":517,"range_type":514,"version_start":547,"version_start_type":523,"version_end":548,"version_end_type":519,"fixed_in":9},"gte4.5_lt4.9.20","4.5","4.9.20",{"version":550,"is_range":517,"range_type":514,"version_start":551,"version_start_type":523,"version_end":552,"version_end_type":519,"fixed_in":9},"gte4.10_lt4.10.8","4.10","4.10.8"]