Search for vulnerabilities
Vulnerability details: VCID-wsxe-w8fp-aaas
Vulnerability ID VCID-wsxe-w8fp-aaas
Aliases CVE-2017-12133
Summary Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote attackers to have unspecified impact via vectors related to error path.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-416 Use After Free
System Score Found at
generic_textual Low http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-12133.html
cvssv3 3.7 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12133.json
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00372 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00476 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00476 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00476 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00476 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00635 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00635 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00635 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00635 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00635 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00635 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00635 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00635 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00635 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00635 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00635 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00635 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
epss 0.00691 https://api.first.org/data/v1/epss?cve=CVE-2017-12133
rhbs low https://bugzilla.redhat.com/show_bug.cgi?id=1478288
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12133
cvssv3 3.7 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv2 4.3 https://nvd.nist.gov/vuln/detail/CVE-2017-12133
cvssv3 5.9 https://nvd.nist.gov/vuln/detail/CVE-2017-12133
archlinux Critical https://security.archlinux.org/AVG-368
archlinux Critical https://security.archlinux.org/AVG-369
generic_textual Low https://ubuntu.com/security/notices/USN-4416-1
generic_textual Low https://usn.ubuntu.com/usn/usn-4416-1
Reference id Reference type URL
http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-12133.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12133.json
https://api.first.org/data/v1/epss?cve=CVE-2017-12133
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12133
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SYZL6PAKI73XYRJYL5VLDGA4FFGWMB7A/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SYZL6PAKI73XYRJYL5VLDGA4FFGWMB7A/
https://sourceware.org/bugzilla/show_bug.cgi?id=21115
https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=d42eed4a044e5e10dfb885cf9891c2518a72a491
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=d42eed4a044e5e10dfb885cf9891c2518a72a491
https://ubuntu.com/security/notices/USN-4416-1
https://usn.ubuntu.com/4416-1/
https://usn.ubuntu.com/usn/usn-4416-1
https://www.securityfocus.com/bid/100679
1478288 https://bugzilla.redhat.com/show_bug.cgi?id=1478288
870648 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870648
AVG-368 https://security.archlinux.org/AVG-368
AVG-369 https://security.archlinux.org/AVG-369
cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*
CVE-2017-12133 https://nvd.nist.gov/vuln/detail/CVE-2017-12133
No exploits are available.
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12133.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2017-12133
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2017-12133
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.56072
EPSS Score 0.00372
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.