cpe:/o:linux:linux_kernel:4.14.4 CVE-2017-17448 2017-12-06T19:29:00.317-05:00 2019-10-02T20:03:26.223-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BID 102117 DEBIAN DSA-4073 DEBIAN DSA-4082 REDHAT RHSA-2018:0654 REDHAT RHSA-2018:0676 REDHAT RHSA-2018:1062 UBUNTU USN-3617-1 UBUNTU USN-3617-2 UBUNTU USN-3617-3 UBUNTU USN-3619-1 UBUNTU USN-3619-2 UBUNTU USN-3620-1 UBUNTU USN-3620-2 UBUNTU USN-3632-1 MISC https://patchwork.kernel.org/patch/10089373/ net/netfilter/nfnetlink_cthelper.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for new, get, and del operations, which allows local users to bypass intended access restrictions because the nfnl_cthelper_list data structure is shared across all net namespaces.