CVE-2017-1000200 - Vulnerability Details

Vendors	Products
Redhat	Storage
Tcmu-runner Project	Tcmu-runner

Package	CPE	Advisory	Released Date
Red Hat Gluster Storage 3.3 for RHEL 7
tcmu-runner-0:1.2.0-16.el7rhgs	cpe:/a:redhat:storage:3.3:server:el7	RHSA-2017:3277	2017-11-29T00:00:00Z

Link	Providers
https://access.redhat.com/errata/RHSA-2017:3277
https://github.com/open-iscsi/tcmu-runner/pull/200/commits/bb80e9c7a798f035768260ebdadffb6eb0786178
https://nvd.nist.gov/vuln/detail/CVE-2017-1000200
https://www.cve.org/CVERecord?id=CVE-2017-1000200

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "dateAssigned": "2017-08-22T00:00:00", "datePublic": "2017-11-16T00:00:00", "descriptions": [{"lang": "en", "value": "tcmu-runner version 1.0.5 to 1.2.0 is vulnerable to a dbus triggered NULL pointer dereference in the tcmu-runner daemon's on_unregister_handler() function resulting in denial of service"}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-12-01T21:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "RHSA-2017:3277", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:3277"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/open-iscsi/tcmu-runner/pull/200/commits/bb80e9c7a798f035768260ebdadffb6eb0786178"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "DATE_ASSIGNED": "2017-08-22T17:29:33.426872", "ID": "CVE-2017-1000200", "REQUESTER": "mgerstner@suse.de", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "tcmu-runner version 1.0.5 to 1.2.0 is vulnerable to a dbus triggered NULL pointer dereference in the tcmu-runner daemon's on_unregister_handler() function resulting in denial of service"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "RHSA-2017:3277", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:3277"}, {"name": "https://github.com/open-iscsi/tcmu-runner/pull/200/commits/bb80e9c7a798f035768260ebdadffb6eb0786178", "refsource": "MISC", "url": "https://github.com/open-iscsi/tcmu-runner/pull/200/commits/bb80e9c7a798f035768260ebdadffb6eb0786178"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T21:53:07.281Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2017:3277", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:3277"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/open-iscsi/tcmu-runner/pull/200/commits/bb80e9c7a798f035768260ebdadffb6eb0786178"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-1000200", "datePublished": "2017-11-17T02:00:00", "dateReserved": "2017-11-16T00:00:00", "dateUpdated": "2024-08-05T21:53:07.281Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

dateAssigned : 2017-08-22T00:00:00 (string)

datePublic : 2017-11-16T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : tcmu-runner version 1.0.5 to 1.2.0 is vulnerable to a dbus triggered NULL pointer dereference in the tcmu-runner daemon's on_unregister_handler() function resulting in denial of service (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2017-12-01T21:57:01 (string)

orgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

shortName : mitre (string)

}

references : [ »

0 : { »

name : RHSA-2017:3277 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

]

url : https://access.redhat.com/errata/RHSA-2017:3277 (string)

}

1 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://github.com/open-iscsi/tcmu-runner/pull/200/commits/bb80e9c7a798f035768260ebdadffb6eb0786178 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : cve@mitre.org (string)

DATE_ASSIGNED : 2017-08-22T17:29:33.426872 (string)

ID : CVE-2017-1000200 (string)

REQUESTER : mgerstner@suse.de (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : tcmu-runner version 1.0.5 to 1.2.0 is vulnerable to a dbus triggered NULL pointer dereference in the tcmu-runner daemon's on_unregister_handler() function resulting in denial of service (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : RHSA-2017:3277 (string)

refsource : REDHAT (string)

url : https://access.redhat.com/errata/RHSA-2017:3277 (string)

}

1 : { »

name : https://github.com/open-iscsi/tcmu-runner/pull/200/commits/bb80e9c7a798f035768260ebdadffb6eb0786178 (string)

refsource : MISC (string)

url : https://github.com/open-iscsi/tcmu-runner/pull/200/commits/bb80e9c7a798f035768260ebdadffb6eb0786178 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-05T21:53:07.281Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : RHSA-2017:3277 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

2 : x_transferred (string)

]

url : https://access.redhat.com/errata/RHSA-2017:3277 (string)

}

1 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://github.com/open-iscsi/tcmu-runner/pull/200/commits/bb80e9c7a798f035768260ebdadffb6eb0786178 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

assignerShortName : mitre (string)

cveId : CVE-2017-1000200 (string)

datePublished : 2017-11-17T02:00:00 (string)

dateReserved : 2017-11-16T00:00:00 (string)

dateUpdated : 2024-08-05T21:53:07.281Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "388F3BC0-E99E-44F4-9FF4-4792DEA57C13", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "E60BA1B4-3502-4667-96EA-988D382BFEEF", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "C160773C-5CA9-4D6C-B500-DEEFB3E34B3B", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "4C099CE8-FE61-4613-9521-BA2CB65B8154", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "85D0F823-B77A-454A-BB7F-64DB9AD46D1C", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "B2A4AFAD-5A0B-4179-BF06-9718F0C5540D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "tcmu-runner version 1.0.5 to 1.2.0 is vulnerable to a dbus triggered NULL pointer dereference in the tcmu-runner daemon's on_unregister_handler() function resulting in denial of service"}, {"lang": "es", "value": "tcmu-runner desde la versi\u00f3n 1.0.5 hasta la 1.2.0 es vulnerable a una desreferencia de puntero NULL desencadenada por dbus en la funci\u00f3n on_unregister_handler() del demonio tcmu-runner, lo que resulta en una denegaci\u00f3n de servicio (DoS)."}], "id": "CVE-2017-1000200", "lastModified": "2025-04-20T01:37:25.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-11-17T02:29:00.987", "references": [{"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2017:3277"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/open-iscsi/tcmu-runner/pull/200/commits/bb80e9c7a798f035768260ebdadffb6eb0786178"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2017:3277"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/open-iscsi/tcmu-runner/pull/200/commits/bb80e9c7a798f035768260ebdadffb6eb0786178"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.0.5:*:*:*:*:*:*:* (string)

matchCriteriaId : 388F3BC0-E99E-44F4-9FF4-4792DEA57C13 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.1.0:*:*:*:*:*:*:* (string)

matchCriteriaId : E60BA1B4-3502-4667-96EA-988D382BFEEF (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.1.1:*:*:*:*:*:*:* (string)

matchCriteriaId : C160773C-5CA9-4D6C-B500-DEEFB3E34B3B (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.1.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 4C099CE8-FE61-4613-9521-BA2CB65B8154 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.1.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 85D0F823-B77A-454A-BB7F-64DB9AD46D1C (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.2.0:*:*:*:*:*:*:* (string)

matchCriteriaId : B2A4AFAD-5A0B-4179-BF06-9718F0C5540D (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : tcmu-runner version 1.0.5 to 1.2.0 is vulnerable to a dbus triggered NULL pointer dereference in the tcmu-runner daemon's on_unregister_handler() function resulting in denial of service (string)

}

1 : { »

lang : es (string)

value : tcmu-runner desde la versión 1.0.5 hasta la 1.2.0 es vulnerable a una desreferencia de puntero NULL desencadenada por dbus en la función on_unregister_handler() del demonio tcmu-runner, lo que resulta en una denegación de servicio (DoS). (string)

}

]

id : CVE-2017-1000200 (string)

lastModified : 2025-04-20T01:37:25.860 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : true (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 5 (number)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

vectorString : AV:N/AC:L/Au:N/C:N/I:N/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 10 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV30 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 7.5 (number)

baseSeverity : HIGH (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (string)

version : 3.0 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2017-11-17T02:29:00.987 (string)

references : [ »

0 : { »

source : cve@mitre.org (string)

url : https://access.redhat.com/errata/RHSA-2017:3277 (string)

}

1 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Patch (string)

1 : Third Party Advisory (string)

]

url : https://github.com/open-iscsi/tcmu-runner/pull/200/commits/bb80e9c7a798f035768260ebdadffb6eb0786178 (string)

}

2 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://access.redhat.com/errata/RHSA-2017:3277 (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

1 : Third Party Advisory (string)

]

url : https://github.com/open-iscsi/tcmu-runner/pull/200/commits/bb80e9c7a798f035768260ebdadffb6eb0786178 (string)

}

]

sourceIdentifier : cve@mitre.org (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-476 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Show plain JSON

{"affected_release": [{"advisory": "RHSA-2017:3277", "cpe": "cpe:/a:redhat:storage:3.3:server:el7", "package": "tcmu-runner-0:1.2.0-16.el7rhgs", "product_name": "Red Hat Gluster Storage 3.3 for RHEL 7", "release_date": "2017-11-29T00:00:00Z"}], "bugzilla": {"description": "tcmu-runner: UnregisterHandler D-Bus method in tcmu-runner daemon for internal handler causes DoS", "id": "1487251", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1487251"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-476", "details": ["tcmu-runner version 1.0.5 to 1.2.0 is vulnerable to a dbus triggered NULL pointer dereference in the tcmu-runner daemon's on_unregister_handler() function resulting in denial of service", "A NULL pointer dereference flaw was found in the UnregisterHandler method implemented in the tcmu-runner daemon. A local, non-root user with access to the D-Bus system bus could call the UnregisterHandler method with the name of a handler loaded internally in tcmu-runner via dlopen() to trigger DoS."], "name": "CVE-2017-1000200", "package_state": [{"cpe": "cpe:/a:redhat:ceph_storage:2", "fix_state": "Affected", "package_name": "tcmu-runner", "product_name": "Red Hat Ceph Storage 2"}], "public_date": "2017-07-14T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2017-1000200\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-1000200"], "threat_severity": "Moderate"}

{

affected_release : [ »

0 : { »

advisory : RHSA-2017:3277 (string)

cpe : cpe:/a:redhat:storage:3.3:server:el7 (string)

package : tcmu-runner-0:1.2.0-16.el7rhgs (string)

product_name : Red Hat Gluster Storage 3.3 for RHEL 7 (string)

release_date : 2017-11-29T00:00:00Z (string)

}

]

bugzilla : { »

description : tcmu-runner: UnregisterHandler D-Bus method in tcmu-runner daemon for internal handler causes DoS (string)

id : 1487251 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=1487251 (string)

}

csaw : false (boolean)

cvss3 : { »

cvss3_base_score : 5.5 (string)

cvss3_scoring_vector : CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (string)

status : verified (string)

}

cwe : CWE-476 (string)

details : [ »

0 : tcmu-runner version 1.0.5 to 1.2.0 is vulnerable to a dbus triggered NULL pointer dereference in the tcmu-runner daemon's on_unregister_handler() function resulting in denial of service (string)

1 : A NULL pointer dereference flaw was found in the UnregisterHandler method implemented in the tcmu-runner daemon. A local, non-root user with access to the D-Bus system bus could call the UnregisterHandler method with the name of a handler loaded internally in tcmu-runner via dlopen() to trigger DoS. (string)

]

name : CVE-2017-1000200 (string)

package_state : [ »

0 : { »

cpe : cpe:/a:redhat:ceph_storage:2 (string)

fix_state : Affected (string)

package_name : tcmu-runner (string)

product_name : Red Hat Ceph Storage 2 (string)

}

]

public_date : 2017-07-14T00:00:00Z (string)

references : [ »

0 : https://www.cve.org/CVERecord?id=CVE-2017-1000200 https://nvd.nist.gov/vuln/detail/CVE-2017-1000200 (string)

]

threat_severity : Moderate (string)

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object