Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2017-AVI-307
Vulnerability from certfr_avis - Published: 2017-09-19 - Updated: 2017-09-19
De multiples vulnérabilités ont été corrigées dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 16.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 17.04",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 12.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 14.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-7097",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7097"
},
{
"name": "CVE-2017-10663",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10663"
},
{
"name": "CVE-2017-8831",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8831"
},
{
"name": "CVE-2017-7472",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7472"
},
{
"name": "CVE-2017-6346",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6346"
},
{
"name": "CVE-2017-12762",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12762"
},
{
"name": "CVE-2016-8650",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8650"
},
{
"name": "CVE-2017-6951",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6951"
},
{
"name": "CVE-2017-5970",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5970"
},
{
"name": "CVE-2016-10200",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10200"
},
{
"name": "CVE-2017-1000251",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000251"
},
{
"name": "CVE-2016-9178",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9178"
},
{
"name": "CVE-2017-6214",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6214"
},
{
"name": "CVE-2016-9083",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9083"
},
{
"name": "CVE-2016-9754",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9754"
},
{
"name": "CVE-2017-7541",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7541"
},
{
"name": "CVE-2016-10044",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10044"
},
{
"name": "CVE-2017-7187",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7187"
},
{
"name": "CVE-2016-9191",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9191"
},
{
"name": "CVE-2016-9604",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9604"
},
{
"name": "CVE-2016-9084",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9084"
}
],
"initial_release_date": "2017-09-19T00:00:00",
"last_revision_date": "2017-09-19T00:00:00",
"links": [],
"reference": "CERTFR-2017-AVI-307",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2017-09-19T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux d\u0027Ubuntu\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire,\nun d\u00e9ni de service \u00e0 distance et un contournement de la politique de\ns\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3420-1 du 18 septembre 2017",
"url": "https://usn.ubuntu.com/usn/usn-3420-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3422-2 du 18 septembre 2017",
"url": "https://usn.ubuntu.com/usn/usn-3422-2/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3423-1 du 18 septembre 2017",
"url": "https://usn.ubuntu.com/usn/usn-3423-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3419-2 du 18 septembre 2017",
"url": "https://usn.ubuntu.com/usn/usn-3419-2/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3422-1 du 18 septembre 2017",
"url": "https://usn.ubuntu.com/usn/usn-3422-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3419-1 du 18 septembre 2017",
"url": "https://usn.ubuntu.com/usn/usn-3419-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3420-2 du 18 septembre 2017",
"url": "https://usn.ubuntu.com/usn/usn-3420-2/"
}
]
}
CVE-2017-1000251 (GCVE-0-2017-1000251)
Vulnerability from cvelistv5 – Published: 2017-09-12 17:00 – Updated: 2024-08-05 22:00
VLAI
EPSS
Summary
The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
21 references
Date Public
2017-09-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:00:39.937Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:2732",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2732"
},
{
"name": "42762",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/42762/"
},
{
"name": "RHSA-2017:2705",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2705"
},
{
"name": "RHSA-2017:2683",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2683"
},
{
"name": "RHSA-2017:2704",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2704"
},
{
"name": "RHSA-2017:2682",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2682"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/security/vulnerabilities/blueborne"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.armis.com/blueborne"
},
{
"name": "1039373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039373"
},
{
"name": "RHSA-2017:2731",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2731"
},
{
"name": "DSA-3981",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3981"
},
{
"name": "RHSA-2017:2706",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2706"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/support/security/Synology_SA_17_52_BlueBorne"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/f2fcfcd670257236ebf2088bbdf26f6a8ef459fe"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"name": "100809",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100809"
},
{
"name": "VU#240311",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/240311"
},
{
"name": "RHSA-2017:2681",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2681"
},
{
"name": "RHSA-2017:2679",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2679"
},
{
"name": "RHSA-2017:2680",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2680"
},
{
"name": "RHSA-2017:2707",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2707"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"dateAssigned": "2017-09-08T00:00:00.000Z",
"datePublic": "2017-09-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-16T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2017:2732",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2732"
},
{
"name": "42762",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/42762/"
},
{
"name": "RHSA-2017:2705",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2705"
},
{
"name": "RHSA-2017:2683",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2683"
},
{
"name": "RHSA-2017:2704",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2704"
},
{
"name": "RHSA-2017:2682",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2682"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/security/vulnerabilities/blueborne"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.armis.com/blueborne"
},
{
"name": "1039373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039373"
},
{
"name": "RHSA-2017:2731",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2731"
},
{
"name": "DSA-3981",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3981"
},
{
"name": "RHSA-2017:2706",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2706"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/support/security/Synology_SA_17_52_BlueBorne"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/torvalds/linux/commit/f2fcfcd670257236ebf2088bbdf26f6a8ef459fe"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"name": "100809",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100809"
},
{
"name": "VU#240311",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/240311"
},
{
"name": "RHSA-2017:2681",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2681"
},
{
"name": "RHSA-2017:2679",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2679"
},
{
"name": "RHSA-2017:2680",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2680"
},
{
"name": "RHSA-2017:2707",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2707"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED": "2017-09-08",
"ID": "CVE-2017-1000251",
"REQUESTER": "security@armis.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:2732",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2732"
},
{
"name": "42762",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42762/"
},
{
"name": "RHSA-2017:2705",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2705"
},
{
"name": "RHSA-2017:2683",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2683"
},
{
"name": "RHSA-2017:2704",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2704"
},
{
"name": "RHSA-2017:2682",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2682"
},
{
"name": "https://access.redhat.com/security/vulnerabilities/blueborne",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/security/vulnerabilities/blueborne"
},
{
"name": "https://www.armis.com/blueborne",
"refsource": "MISC",
"url": "https://www.armis.com/blueborne"
},
{
"name": "1039373",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039373"
},
{
"name": "RHSA-2017:2731",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2731"
},
{
"name": "DSA-3981",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3981"
},
{
"name": "RHSA-2017:2706",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2706"
},
{
"name": "https://www.synology.com/support/security/Synology_SA_17_52_BlueBorne",
"refsource": "CONFIRM",
"url": "https://www.synology.com/support/security/Synology_SA_17_52_BlueBorne"
},
{
"name": "https://github.com/torvalds/linux/commit/f2fcfcd670257236ebf2088bbdf26f6a8ef459fe",
"refsource": "MISC",
"url": "https://github.com/torvalds/linux/commit/f2fcfcd670257236ebf2088bbdf26f6a8ef459fe"
},
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"name": "100809",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100809"
},
{
"name": "VU#240311",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/240311"
},
{
"name": "RHSA-2017:2681",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2681"
},
{
"name": "RHSA-2017:2679",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2679"
},
{
"name": "RHSA-2017:2680",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2680"
},
{
"name": "RHSA-2017:2707",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2707"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-1000251",
"datePublished": "2017-09-12T17:00:00.000Z",
"dateReserved": "2017-09-12T00:00:00.000Z",
"dateUpdated": "2024-08-05T22:00:39.937Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-10663 (GCVE-0-2017-10663)
Vulnerability from cvelistv5 – Published: 2017-08-19 18:00 – Updated: 2024-08-05 17:41
VLAI
EPSS
Summary
The sanity_check_ckpt function in fs/f2fs/super.c in the Linux kernel before 4.12.4 does not validate the blkoff and segno arrays, which allows local users to gain privileges via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/100215 | vdb-entryx_refsource_BID |
| http://git.kernel.org/cgit/linux/kernel/git/torva… | x_refsource_CONFIRM |
| https://bugzilla.redhat.com/show_bug.cgi?id=1481149 | x_refsource_CONFIRM |
| https://github.com/torvalds/linux/commit/15d3042a… | x_refsource_CONFIRM |
| https://source.android.com/security/bulletin/2017-08-01 | x_refsource_CONFIRM |
| http://www.kernel.org/pub/linux/kernel/v4.x/Chang… | x_refsource_CONFIRM |
Date Public
2017-05-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:41:55.544Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100215",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100215"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=15d3042a937c13f5d9244241c7a9c8416ff6e82a"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481149"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/15d3042a937c13f5d9244241c7a9c8416ff6e82a"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-08-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-05-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The sanity_check_ckpt function in fs/f2fs/super.c in the Linux kernel before 4.12.4 does not validate the blkoff and segno arrays, which allows local users to gain privileges via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-20T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "100215",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100215"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=15d3042a937c13f5d9244241c7a9c8416ff6e82a"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481149"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/15d3042a937c13f5d9244241c7a9c8416ff6e82a"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-08-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.4"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-10663",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The sanity_check_ckpt function in fs/f2fs/super.c in the Linux kernel before 4.12.4 does not validate the blkoff and segno arrays, which allows local users to gain privileges via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100215",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100215"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=15d3042a937c13f5d9244241c7a9c8416ff6e82a",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=15d3042a937c13f5d9244241c7a9c8416ff6e82a"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1481149",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481149"
},
{
"name": "https://github.com/torvalds/linux/commit/15d3042a937c13f5d9244241c7a9c8416ff6e82a",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/15d3042a937c13f5d9244241c7a9c8416ff6e82a"
},
{
"name": "https://source.android.com/security/bulletin/2017-08-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-08-01"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.4",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.4"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-10663",
"datePublished": "2017-08-19T18:00:00.000Z",
"dateReserved": "2017-06-28T00:00:00.000Z",
"dateUpdated": "2024-08-05T17:41:55.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-12762 (GCVE-0-2017-12762)
Vulnerability from cvelistv5 – Published: 2017-08-09 21:00 – Updated: 2024-08-05 18:51
VLAI
EPSS
Summary
In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stable tree, and 4.4-stable tree.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://usn.ubuntu.com/3620-2/ | vendor-advisoryx_refsource_UBUNTU |
| https://patchwork.kernel.org/patch/9880041/ | x_refsource_MISC |
| http://www.securityfocus.com/bid/100251 | vdb-entryx_refsource_BID |
| https://usn.ubuntu.com/3620-1/ | vendor-advisoryx_refsource_UBUNTU |
| http://www.openwall.com/lists/oss-security/2020/02/11/1 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2020/02/11/2 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2020/02/14/4 | mailing-listx_refsource_MLIST |
Date Public
2017-08-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:51:05.643Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-3620-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3620-2/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://patchwork.kernel.org/patch/9880041/"
},
{
"name": "100251",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100251"
},
{
"name": "USN-3620-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3620-1/"
},
{
"name": "[oss-security] 20200211 Potential regression and/or incomplete fix for CVE-2017-12762",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/02/11/1"
},
{
"name": "[oss-security] 20200211 Re: Potential regression and/or incomplete fix for CVE-2017-12762",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/02/11/2"
},
{
"name": "[oss-security] 20200214 Re: Potential regression and/or incomplete fix for CVE-2017-12762",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/02/14/4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-08-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stable tree, and 4.4-stable tree."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-14T12:06:04.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "USN-3620-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3620-2/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://patchwork.kernel.org/patch/9880041/"
},
{
"name": "100251",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100251"
},
{
"name": "USN-3620-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3620-1/"
},
{
"name": "[oss-security] 20200211 Potential regression and/or incomplete fix for CVE-2017-12762",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/02/11/1"
},
{
"name": "[oss-security] 20200211 Re: Potential regression and/or incomplete fix for CVE-2017-12762",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/02/11/2"
},
{
"name": "[oss-security] 20200214 Re: Potential regression and/or incomplete fix for CVE-2017-12762",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/02/14/4"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-12762",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stable tree, and 4.4-stable tree."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-3620-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3620-2/"
},
{
"name": "https://patchwork.kernel.org/patch/9880041/",
"refsource": "MISC",
"url": "https://patchwork.kernel.org/patch/9880041/"
},
{
"name": "100251",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100251"
},
{
"name": "USN-3620-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3620-1/"
},
{
"name": "[oss-security] 20200211 Potential regression and/or incomplete fix for CVE-2017-12762",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/02/11/1"
},
{
"name": "[oss-security] 20200211 Re: Potential regression and/or incomplete fix for CVE-2017-12762",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/02/11/2"
},
{
"name": "[oss-security] 20200214 Re: Potential regression and/or incomplete fix for CVE-2017-12762",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/02/14/4"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-12762",
"datePublished": "2017-08-09T21:00:00.000Z",
"dateReserved": "2017-08-09T00:00:00.000Z",
"dateUpdated": "2024-08-05T18:51:05.643Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-5970 (GCVE-0-2017-5970)
Vulnerability from cvelistv5 – Published: 2017-02-14 06:30 – Updated: 2024-08-05 15:18
VLAI
EPSS
Summary
The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| https://patchwork.ozlabs.org/patch/724136/ | x_refsource_CONFIRM |
| http://git.kernel.org/cgit/linux/kernel/git/torva… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2017/02/12/3 | mailing-listx_refsource_MLIST |
| https://source.android.com/security/bulletin/2017-07-01 | x_refsource_CONFIRM |
| https://access.redhat.com/errata/RHSA-2017:2669 | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/96233 | vdb-entryx_refsource_BID |
| https://access.redhat.com/errata/RHSA-2017:2077 | vendor-advisoryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=1421638 | x_refsource_CONFIRM |
| https://access.redhat.com/errata/RHSA-2017:1842 | vendor-advisoryx_refsource_REDHAT |
| https://github.com/torvalds/linux/commit/34b2cef2… | x_refsource_CONFIRM |
| http://www.debian.org/security/2017/dsa-3791 | vendor-advisoryx_refsource_DEBIAN |
Date Public
2017-02-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:18:48.868Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://patchwork.ozlabs.org/patch/724136/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34b2cef20f19c87999fff3da4071e66937db9644"
},
{
"name": "[oss-security] 20170212 Fwd: [scr293903] Linux kernel - upstream",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/02/12/3"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "RHSA-2017:2669",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2669"
},
{
"name": "96233",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96233"
},
{
"name": "RHSA-2017:2077",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2077"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1421638"
},
{
"name": "RHSA-2017:1842",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1842"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/34b2cef20f19c87999fff3da4071e66937db9644"
},
{
"name": "DSA-3791",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3791"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-02-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://patchwork.ozlabs.org/patch/724136/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34b2cef20f19c87999fff3da4071e66937db9644"
},
{
"name": "[oss-security] 20170212 Fwd: [scr293903] Linux kernel - upstream",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2017/02/12/3"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "RHSA-2017:2669",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2669"
},
{
"name": "96233",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96233"
},
{
"name": "RHSA-2017:2077",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2077"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1421638"
},
{
"name": "RHSA-2017:1842",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1842"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/34b2cef20f19c87999fff3da4071e66937db9644"
},
{
"name": "DSA-3791",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3791"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5970",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://patchwork.ozlabs.org/patch/724136/",
"refsource": "CONFIRM",
"url": "https://patchwork.ozlabs.org/patch/724136/"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34b2cef20f19c87999fff3da4071e66937db9644",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34b2cef20f19c87999fff3da4071e66937db9644"
},
{
"name": "[oss-security] 20170212 Fwd: [scr293903] Linux kernel - upstream",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/02/12/3"
},
{
"name": "https://source.android.com/security/bulletin/2017-07-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "RHSA-2017:2669",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2669"
},
{
"name": "96233",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96233"
},
{
"name": "RHSA-2017:2077",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2077"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1421638",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1421638"
},
{
"name": "RHSA-2017:1842",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1842"
},
{
"name": "https://github.com/torvalds/linux/commit/34b2cef20f19c87999fff3da4071e66937db9644",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/34b2cef20f19c87999fff3da4071e66937db9644"
},
{
"name": "DSA-3791",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3791"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-5970",
"datePublished": "2017-02-14T06:30:00.000Z",
"dateReserved": "2017-02-12T00:00:00.000Z",
"dateUpdated": "2024-08-05T15:18:48.868Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-6214 (GCVE-0-2017-6214)
Vulnerability from cvelistv5 – Published: 2017-02-23 17:00 – Updated: 2024-08-05 15:25
VLAI
EPSS
Summary
The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| https://source.android.com/security/bulletin/2017-09-01 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/96421 | vdb-entryx_refsource_BID |
| https://access.redhat.com/errata/RHSA-2017:1615 | vendor-advisoryx_refsource_REDHAT |
| http://git.kernel.org/cgit/linux/kernel/git/torva… | x_refsource_CONFIRM |
| https://access.redhat.com/errata/RHSA-2017:1647 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2017:1616 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2017:1372 | vendor-advisoryx_refsource_REDHAT |
| http://www.securitytracker.com/id/1037897 | vdb-entryx_refsource_SECTRACK |
| http://www.debian.org/security/2017/dsa-3804 | vendor-advisoryx_refsource_DEBIAN |
| http://www.kernel.org/pub/linux/kernel/v4.x/Chang… | x_refsource_CONFIRM |
| https://github.com/torvalds/linux/commit/ccf7abb9… | x_refsource_CONFIRM |
Date Public
2017-02-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:25:49.099Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-09-01"
},
{
"name": "96421",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96421"
},
{
"name": "RHSA-2017:1615",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1615"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccf7abb93af09ad0868ae9033d1ca8108bdaec82"
},
{
"name": "RHSA-2017:1647",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1647"
},
{
"name": "RHSA-2017:1616",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1616"
},
{
"name": "RHSA-2017:1372",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1372"
},
{
"name": "1037897",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037897"
},
{
"name": "DSA-3804",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3804"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.11"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/ccf7abb93af09ad0868ae9033d1ca8108bdaec82"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-02-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-09-01"
},
{
"name": "96421",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96421"
},
{
"name": "RHSA-2017:1615",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1615"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccf7abb93af09ad0868ae9033d1ca8108bdaec82"
},
{
"name": "RHSA-2017:1647",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1647"
},
{
"name": "RHSA-2017:1616",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1616"
},
{
"name": "RHSA-2017:1372",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1372"
},
{
"name": "1037897",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037897"
},
{
"name": "DSA-3804",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3804"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.11"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/ccf7abb93af09ad0868ae9033d1ca8108bdaec82"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-6214",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-09-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-09-01"
},
{
"name": "96421",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96421"
},
{
"name": "RHSA-2017:1615",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1615"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccf7abb93af09ad0868ae9033d1ca8108bdaec82",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccf7abb93af09ad0868ae9033d1ca8108bdaec82"
},
{
"name": "RHSA-2017:1647",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1647"
},
{
"name": "RHSA-2017:1616",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1616"
},
{
"name": "RHSA-2017:1372",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1372"
},
{
"name": "1037897",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037897"
},
{
"name": "DSA-3804",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3804"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.11",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.11"
},
{
"name": "https://github.com/torvalds/linux/commit/ccf7abb93af09ad0868ae9033d1ca8108bdaec82",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/ccf7abb93af09ad0868ae9033d1ca8108bdaec82"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-6214",
"datePublished": "2017-02-23T17:00:00.000Z",
"dateReserved": "2017-02-23T00:00:00.000Z",
"dateUpdated": "2024-08-05T15:25:49.099Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-6346 (GCVE-0-2017-6346)
Vulnerability from cvelistv5 – Published: 2017-03-01 20:00 – Updated: 2024-08-05 15:25
VLAI
EPSS
Summary
Race condition in net/packet/af_packet.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithreaded application that makes PACKET_FANOUT setsockopt system calls.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/96508 | vdb-entryx_refsource_BID |
| http://git.kernel.org/cgit/linux/kernel/git/torva… | x_refsource_CONFIRM |
| https://source.android.com/security/bulletin/2017-09-01 | x_refsource_CONFIRM |
| http://www.kernel.org/pub/linux/kernel/v4.x/Chang… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2017/02/28/6 | mailing-listx_refsource_MLIST |
| http://www.debian.org/security/2017/dsa-3804 | vendor-advisoryx_refsource_DEBIAN |
| https://github.com/torvalds/linux/commit/d199fab6… | x_refsource_CONFIRM |
Date Public
2017-02-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:25:49.159Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96508",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96508"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d199fab63c11998a602205f7ee7ff7c05c97164b"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-09-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.13"
},
{
"name": "[oss-security] 20170228 Linux: packet: fix races in fanout_add() (CVE-2017-6346)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/02/28/6"
},
{
"name": "DSA-3804",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3804"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/d199fab63c11998a602205f7ee7ff7c05c97164b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-02-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Race condition in net/packet/af_packet.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithreaded application that makes PACKET_FANOUT setsockopt system calls."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-03T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "96508",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96508"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d199fab63c11998a602205f7ee7ff7c05c97164b"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-09-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.13"
},
{
"name": "[oss-security] 20170228 Linux: packet: fix races in fanout_add() (CVE-2017-6346)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2017/02/28/6"
},
{
"name": "DSA-3804",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3804"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/d199fab63c11998a602205f7ee7ff7c05c97164b"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-6346",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition in net/packet/af_packet.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithreaded application that makes PACKET_FANOUT setsockopt system calls."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96508",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96508"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d199fab63c11998a602205f7ee7ff7c05c97164b",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d199fab63c11998a602205f7ee7ff7c05c97164b"
},
{
"name": "https://source.android.com/security/bulletin/2017-09-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-09-01"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.13",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.13"
},
{
"name": "[oss-security] 20170228 Linux: packet: fix races in fanout_add() (CVE-2017-6346)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/02/28/6"
},
{
"name": "DSA-3804",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3804"
},
{
"name": "https://github.com/torvalds/linux/commit/d199fab63c11998a602205f7ee7ff7c05c97164b",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/d199fab63c11998a602205f7ee7ff7c05c97164b"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-6346",
"datePublished": "2017-03-01T20:00:00.000Z",
"dateReserved": "2017-02-26T00:00:00.000Z",
"dateUpdated": "2024-08-05T15:25:49.159Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-6951 (GCVE-0-2017-6951)
Vulnerability from cvelistv5 – Published: 2017-03-16 18:00 – Updated: 2024-08-05 15:49
VLAI
EPSS
Summary
The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the "dead" type.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/96943 | vdb-entryx_refsource_BID |
| https://access.redhat.com/errata/RHSA-2017:2669 | vendor-advisoryx_refsource_REDHAT |
| http://www.spinics.net/lists/keyrings/msg01849.html | x_refsource_MISC |
| http://www.spinics.net/lists/keyrings/msg01845.html | x_refsource_MISC |
| https://access.redhat.com/errata/RHSA-2017:2077 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2017:1842 | vendor-advisoryx_refsource_REDHAT |
| http://www.spinics.net/lists/keyrings/msg01846.html | x_refsource_MISC |
Date Public
2017-03-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:49:01.366Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96943",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96943"
},
{
"name": "RHSA-2017:2669",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2669"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.spinics.net/lists/keyrings/msg01849.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.spinics.net/lists/keyrings/msg01845.html"
},
{
"name": "RHSA-2017:2077",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2077"
},
{
"name": "RHSA-2017:1842",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1842"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.spinics.net/lists/keyrings/msg01846.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-03-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the \"dead\" type."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "96943",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96943"
},
{
"name": "RHSA-2017:2669",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2669"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.spinics.net/lists/keyrings/msg01849.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.spinics.net/lists/keyrings/msg01845.html"
},
{
"name": "RHSA-2017:2077",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2077"
},
{
"name": "RHSA-2017:1842",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1842"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.spinics.net/lists/keyrings/msg01846.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-6951",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the \"dead\" type."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96943",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96943"
},
{
"name": "RHSA-2017:2669",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2669"
},
{
"name": "http://www.spinics.net/lists/keyrings/msg01849.html",
"refsource": "MISC",
"url": "http://www.spinics.net/lists/keyrings/msg01849.html"
},
{
"name": "http://www.spinics.net/lists/keyrings/msg01845.html",
"refsource": "MISC",
"url": "http://www.spinics.net/lists/keyrings/msg01845.html"
},
{
"name": "RHSA-2017:2077",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2077"
},
{
"name": "RHSA-2017:1842",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1842"
},
{
"name": "http://www.spinics.net/lists/keyrings/msg01846.html",
"refsource": "MISC",
"url": "http://www.spinics.net/lists/keyrings/msg01846.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-6951",
"datePublished": "2017-03-16T18:00:00.000Z",
"dateReserved": "2017-03-16T00:00:00.000Z",
"dateUpdated": "2024-08-05T15:49:01.366Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-7187 (GCVE-0-2017-7187)
Vulnerability from cvelistv5 – Published: 2017-03-20 14:00 – Updated: 2024-08-05 15:56
VLAI
EPSS
Summary
The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| https://source.android.com/security/bulletin/pixe… | x_refsource_CONFIRM |
| https://git.kernel.org/pub/scm/linux/kernel/git/m… | x_refsource_MISC |
| https://access.redhat.com/errata/RHSA-2017:2669 | vendor-advisoryx_refsource_REDHAT |
| http://www.securitytracker.com/id/1038086 | vdb-entryx_refsource_SECTRACK |
| https://access.redhat.com/errata/RHSA-2017:2077 | vendor-advisoryx_refsource_REDHAT |
| https://gist.github.com/dvyukov/48ad14e84de45b0be… | x_refsource_MISC |
| https://access.redhat.com/errata/RHSA-2017:1842 | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/96989 | vdb-entryx_refsource_BID |
Date Public
2017-03-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:56:36.142Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/pixel/2017-10-01"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?h=4.11/scsi-fixes\u0026id=bf33f87dd04c371ea33feb821b60d63d754e3124"
},
{
"name": "RHSA-2017:2669",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2669"
},
{
"name": "1038086",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038086"
},
{
"name": "RHSA-2017:2077",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2077"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gist.github.com/dvyukov/48ad14e84de45b0be92b7f0eda20ff1b"
},
{
"name": "RHSA-2017:1842",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1842"
},
{
"name": "96989",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96989"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-03-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/pixel/2017-10-01"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?h=4.11/scsi-fixes\u0026id=bf33f87dd04c371ea33feb821b60d63d754e3124"
},
{
"name": "RHSA-2017:2669",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2669"
},
{
"name": "1038086",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038086"
},
{
"name": "RHSA-2017:2077",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2077"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gist.github.com/dvyukov/48ad14e84de45b0be92b7f0eda20ff1b"
},
{
"name": "RHSA-2017:1842",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1842"
},
{
"name": "96989",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96989"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-7187",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/pixel/2017-10-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/pixel/2017-10-01"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?h=4.11/scsi-fixes\u0026id=bf33f87dd04c371ea33feb821b60d63d754e3124",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?h=4.11/scsi-fixes\u0026id=bf33f87dd04c371ea33feb821b60d63d754e3124"
},
{
"name": "RHSA-2017:2669",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2669"
},
{
"name": "1038086",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038086"
},
{
"name": "RHSA-2017:2077",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2077"
},
{
"name": "https://gist.github.com/dvyukov/48ad14e84de45b0be92b7f0eda20ff1b",
"refsource": "MISC",
"url": "https://gist.github.com/dvyukov/48ad14e84de45b0be92b7f0eda20ff1b"
},
{
"name": "RHSA-2017:1842",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1842"
},
{
"name": "96989",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96989"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-7187",
"datePublished": "2017-03-20T14:00:00.000Z",
"dateReserved": "2017-03-20T00:00:00.000Z",
"dateUpdated": "2024-08-05T15:56:36.142Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-7472 (GCVE-0-2017-7472)
Vulnerability from cvelistv5 – Published: 2017-05-11 19:00 – Updated: 2024-08-05 16:04
VLAI
EPSS
Summary
The KEYS subsystem in the Linux kernel before 4.10.13 allows local users to cause a denial of service (memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls.
Severity
No CVSS data available.
CWE
- exhaust kernel memory
Assigner
References
15 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Linux kernel before 4.10.13 |
Affected:
Linux kernel before 4.10.13
|
Date Public
2017-05-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:04:11.574Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c9f838d104fed6f2f61d68164712e3204bf5271b"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lkml.org/lkml/2017/4/3/724"
},
{
"name": "RHSA-2018:0181",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0181"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1442086"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.13"
},
{
"name": "SUSE-SU-2018:0011",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html"
},
{
"name": "RHSA-2018:0152",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0152"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/c9f838d104fed6f2f61d68164712e3204bf5271b"
},
{
"name": "98422",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/98422"
},
{
"name": "1038471",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038471"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1034862"
},
{
"name": "42136",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/42136/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2017/05/11/1"
},
{
"name": "RHSA-2018:0151",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0151"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lkml.org/lkml/2017/4/1/235"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Linux kernel before 4.10.13",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Linux kernel before 4.10.13"
}
]
}
],
"datePublic": "2017-05-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The KEYS subsystem in the Linux kernel before 4.10.13 allows local users to cause a denial of service (memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "exhaust kernel memory",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-26T10:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c9f838d104fed6f2f61d68164712e3204bf5271b"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lkml.org/lkml/2017/4/3/724"
},
{
"name": "RHSA-2018:0181",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0181"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1442086"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.13"
},
{
"name": "SUSE-SU-2018:0011",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html"
},
{
"name": "RHSA-2018:0152",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0152"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/c9f838d104fed6f2f61d68164712e3204bf5271b"
},
{
"name": "98422",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/98422"
},
{
"name": "1038471",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038471"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1034862"
},
{
"name": "42136",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/42136/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://openwall.com/lists/oss-security/2017/05/11/1"
},
{
"name": "RHSA-2018:0151",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0151"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lkml.org/lkml/2017/4/1/235"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-7472",
"datePublished": "2017-05-11T19:00:00.000Z",
"dateReserved": "2017-04-05T00:00:00.000Z",
"dateUpdated": "2024-08-05T16:04:11.574Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-7541 (GCVE-0-2017-7541)
Vulnerability from cvelistv5 – Published: 2017-07-25 04:00 – Updated: 2024-08-05 16:04
VLAI
EPSS
Summary
The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netlink packet.
Severity
No CVSS data available.
CWE
- memory corruption
Assigner
References
16 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Linux kernel before 4.12.3 |
Affected:
Linux kernel before 4.12.3
|
Date Public
2017-07-24 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:04:11.990Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-3927",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3927"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/8f44c9a41386729fea410e688959ddaa9d51be7c"
},
{
"name": "99955",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99955"
},
{
"name": "RHSA-2017:2918",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2918"
},
{
"name": "RHSA-2017:2931",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2931"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1473198"
},
{
"name": "RHSA-2017:2863",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2863"
},
{
"name": "1038981",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038981"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1049645"
},
{
"name": "DSA-3945",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3945"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.spinics.net/lists/stable/msg180994.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2017/07/24/2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.3"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8f44c9a41386729fea410e688959ddaa9d51be7c"
},
{
"name": "RHSA-2017:2930",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2930"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Linux kernel before 4.12.3",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Linux kernel before 4.12.3"
}
]
}
],
"datePublic": "2017-07-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netlink packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "memory corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-07T10:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "DSA-3927",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3927"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/8f44c9a41386729fea410e688959ddaa9d51be7c"
},
{
"name": "99955",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99955"
},
{
"name": "RHSA-2017:2918",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2918"
},
{
"name": "RHSA-2017:2931",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2931"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1473198"
},
{
"name": "RHSA-2017:2863",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2863"
},
{
"name": "1038981",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038981"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1049645"
},
{
"name": "DSA-3945",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3945"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.spinics.net/lists/stable/msg180994.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://openwall.com/lists/oss-security/2017/07/24/2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.3"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8f44c9a41386729fea410e688959ddaa9d51be7c"
},
{
"name": "RHSA-2017:2930",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2930"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-7541",
"datePublished": "2017-07-25T04:00:00.000Z",
"dateReserved": "2017-04-05T00:00:00.000Z",
"dateUpdated": "2024-08-05T16:04:11.990Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…