Professional OVAL Repository
[Eng]
[Rus]
[Sign-In]
OVAL
Search
Categories
RedCheck
About
OVAL Definitions
OVAL Items
FSTEC Data Bank Information Security Threats
NKCKI
EOL (End Of Life)
Linux Security Advisories
Mozilla Foundation Security Advisory
IBM
VMware
Cisco
Check Point Software Technologies
Apache
Solaris
FreeBSD
Development
GitHub Enterprise
Google Chrome Security Advisories
Oracle Security Advisories
Adobe Security Advisories
OpenSSL Security Advisories
Microsoft
CVE
CWE
CPE
Latest Updates
OS ROSA
ALT Linux
Astra Linux
RED OS
DSA (Debian Security Advisory) Patсh Statistics
DSA (Debian Security Advisory) Patсh Feed
DSA (Debian Security Advisory) Vulnerability Feed
DLA (Debian Security Advisory) Patсh Statistics
DLA (Debian Security Advisory) Patсh Feed
DLA (Debian Security Advisory) Vulnerability Feed
ALT Linux (Security Bulletins) Patсh Statistics
ALT Linux (Security Bulletins) Patсh Feed
ALT Linux (Security Bulletins) Vulnerability Feed
RED OS (Security Bulletins) Patсh Statistics
RED OS (Security Bulletins) Patсh Feed
RED OS (Security Bulletins) Vulnerability Feed
USN (Ubuntu Security Notice) Patсh Statistics
USN (Ubuntu Security Notice) Patсh Feed
USN (Ubuntu Security Notice) Vulnerability Feed
RHSA (RedHat Security Advisory) Patсh Statistics
RHSA (RedHat Security Advisory) Patсh Feed
RHSA (RedHat Security Advisory) Vulnerability Feed
ELSA (Oracle Linux Security Advisory) Patсh Statistics
ELSA (Oracle Linux Security Advisory) Patсh Feed
ELSA (Oracle Linux Security Advisory) Vulnerability Feed
SUSE (SUSE Security Advisories) Patсh Statistics
SUSE (SUSE Security Advisories) Patсh Feed
SUSE (SUSE Security Advisories) Vulnerability Feed
openSUSE (openSUSE Security Advisories) Patсh Statistics
openSUSE (openSUSE Security Advisories) Patсh Feed
openSUSE (openSUSE Security Advisories) Vulnerability Feed
Amazon Linux AMI (Security Bulletins) Patсh Statistics
Amazon Linux AMI (Security Bulletins) Patсh Feed
Amazon Linux AMI (Security Bulletins) Vulnerability Feed
Mageia Linux (Security Bulletins) Patсh Statistics
Mageia Linux (Security Bulletins) Patсh Feed
Mageia Linux (Security Bulletins) Vulnerability Feed
OS ROSA SX COBALT 1.0
OS ROSA DX COBALT 1.0
ROSA 7.3 (Security Advisories) Patсh Statistics
ROSA 7.3 (Security Advisories) Patсh Feed
ROSA 7.3 (Security Advisories) Vulnerability Feed
ALT Linux SPT 6.0
ALT Linux SPT 7.0
ALT 8 SP
ALT 9
Astra Linux SE 1.5
Astra Linux SE 1.6
Astra Linux SE 1.7
Astra Linux SE 1.8
RED OS Murom 7.1
RED OS Murom 7.2
IBM DB2
VMware Vulnerabilities Advisory (VMSA)
VMware vCenter Patch Advisories
VMware ESXi Patch Advisories
VMware NSX Patches
VMware NSX Vulnerabilities
VMware Photon OS 1.0 Patches
VMware Photon OS 1.0 Vulnerabilities
VMware Photon OS 2.0 Patches
VMware Photon OS 2.0 Vulnerabilities
Cisco ASA
Cisco IOS/NX-OS Advisory
Cisco NX-OS Vulnerabilities
Check Point Gaia
Apache Tomcat Advisories
Apache Tomcat Server
Apache HTTP Server
Python
Node.js
RubyGems
Qt
Microsoft Security Bulletin
Microsoft Knowledge Base Article
Microsoft SharePoint
Microsoft SharePoint Foundation 2013
Microsoft SharePoint Server 2013
Microsoft SharePoint Server 2016
About OVALdb
User manual
Pricing
Contact us
OVAL Definitions
>
OVAL Definition Details
Id
oval:ru.altx-soft.nix:def:16450
[Eng]
Version
5
Class
patch
ALTXid
169619
Language
Russian
Severity
High
Title
Обновление DLA-1200-1 -- устранение уязвимостей в linux
Description
Several vulnerabilities have been discovered in Linux Kernel that may lead to a privilege escalation, denial of service or information leaks.
Family
unix
Platform
Debian 7
Product
linux
Reference
VENDOR: DLA-1200-1
VENDOR: DLA-1200-1
Id:
DLA-1200-1
Reference:
https://lists.debian.org/debian-lts-announce/2017/debian-lts-announce-201712/msg00004.html
CVE: CVE-2016-10208
CVE: CVE-2016-10208
Id:
CVE-2016-10208
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10208
Comment
: The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.9.8 does not properly validate meta block groups, which allows physically proximate attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image.
CVSSv2 Score:
4.9
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:C
CVSSv3 Score:
4.3
Attack vector:
PHYSICAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE:
125 (Out-of-bounds Read)
References:
https://github.com/torvalds/linux/commit/3a4b77cd47bb837b8557595ec7425f281f2ca1fe (CONFIRM)
https://bugzilla.redhat.com/show_bug.cgi?id=1395190 (CONFIRM)
[oss-security] 20170204 Re: Local DoS: Linux Kernel EXT4 Memory Corruption / SLAB-Out-of-Bounds Read (MLIST)
20161115 OS-S 2016-22 - Local DoS: Linux Kernel EXT4 Memory Corruption / SLAB-Out-of-Bounds Read (FULLDISC)
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3a4b77cd47bb837b8557595ec7425f281f2ca1fe (CONFIRM)
94354 (BID)
RHSA-2017:1308 (REDHAT)
RHSA-2017:1298 (REDHAT)
RHSA-2017:1297 (REDHAT)
[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update (MLIST)
USN-3754-1 (UBUNTU)
CVE: CVE-2017-8824
CVE: CVE-2017-8824
Id:
CVE-2017-8824
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8824
Comment
: The dccp_disconnect function in net/dccp/proto.c in the Linux kernel through 4.14.3 allows local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN state.
CVSSv2 Score:
7.2
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
COMPLETE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSSv3 Score:
7.8
Attack vector:
LOCAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE:
416 (Use After Free)
References:
http://www.openwall.com/lists/oss-security/2017/12/05/1 (MISC)
http://lists.openwall.net/netdev/2017/12/04/224 (MISC)
102056 (BID)
43234 (EXPLOIT-DB)
DSA-4073 (DEBIAN)
SUSE-SU-2018:0011 (SUSE)
DSA-4082 (DEBIAN)
[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update (MLIST)
RHSA-2018:0399 (REDHAT)
USN-3583-2 (UBUNTU)
USN-3583-1 (UBUNTU)
USN-3582-2 (UBUNTU)
USN-3582-1 (UBUNTU)
USN-3581-3 (UBUNTU)
USN-3581-2 (UBUNTU)
USN-3581-1 (UBUNTU)
RHSA-2018:1062 (REDHAT)
RHSA-2018:0676 (REDHAT)
RHSA-2018:1170 (REDHAT)
RHSA-2018:1130 (REDHAT)
RHSA-2018:1216 (REDHAT)
RHSA-2018:1319 (REDHAT)
https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0 (CONFIRM)
RHSA-2018:3822 (REDHAT)
CVE: CVE-2017-8831
CVE: CVE-2017-8831
Id:
CVE-2017-8831
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8831
Comment
: The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a "double fetch" vulnerability.
CVSSv2 Score:
6.9
Access vector:
LOCAL
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
COMPLETE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C
CVSSv3 Score:
6.4
Attack vector:
PHYSICAL
Attack complexity:
HIGH
Privileges required:
NONE
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE:
125 (Out-of-bounds Read)
References:
https://bugzilla.kernel.org/show_bug.cgi?id=195559 (MISC)
https://github.com/stoth68000/media-tree/commit/354dd3924a2e43806774953de536257548b5002c (CONFIRM)
http://www.securityfocus.com/archive/1/540770/30/0/threaded (MISC)
99619 (BID)
[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update (MLIST)
USN-3754-1 (UBUNTU)
CVE: CVE-2017-12190
CVE: CVE-2017-12190
Id:
CVE-2017-12190
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12190
Comment
: The bio_map_user_iov and bio_unmap_user functions in block/bio.c in the Linux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bio_add_pc_page function merges them into one, but the page reference is never dropped. This causes a memory leak and possible system lockup (exploitable against the host OS by a guest OS user, if a SCSI disk is passed through to a virtual machine) due to an out-of-memory condition.
CVSSv2 Score:
4.9
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:C
CVSSv3 Score:
6.5
Attack vector:
LOCAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
CHANGED
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CWE:
400 (Uncontrolled Resource Consumption ('Resource Exhaustion'))
References:
https://github.com/torvalds/linux/commit/95d78c28b5a85bacbc29b8dba7c04babb9b0d467 (CONFIRM)
https://github.com/torvalds/linux/commit/2b04e8f6bbb196cab4b232af0f8d48ff2c7a8058 (CONFIRM)
https://bugzilla.redhat.com/show_bug.cgi?id=1495089 (CONFIRM)
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.8 (CONFIRM)
http://seclists.org/oss-sec/2017/q4/52 (CONFIRM)
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=95d78c28b5a85bacbc29b8dba7c04babb9b0d467 (CONFIRM)
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2b04e8f6bbb196cab4b232af0f8d48ff2c7a8058 (CONFIRM)
101911 (BID)
[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update (MLIST)
USN-3583-2 (UBUNTU)
USN-3583-1 (UBUNTU)
USN-3582-2 (UBUNTU)
USN-3582-1 (UBUNTU)
RHSA-2018:0654 (REDHAT)
RHSA-2018:1062 (REDHAT)
RHSA-2018:0676 (REDHAT)
RHSA-2018:1854 (REDHAT)
RHSA-2019:1170 (REDHAT)
RHSA-2019:1190 (REDHAT)
https://support.f5.com/csp/article/K93472064?utm_source=f5support&%3Butm_medium=RSS (MISC)
CVE: CVE-2017-13080
CVE: CVE-2017-13080
Id:
CVE-2017-13080
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080
Comment
: Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.
CVSSv2 Score:
2.9
Access vector:
ADJACENT_NETWORK
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
PARTIAL
Availability impact:
NONE
CVSSv2 Vector:
AV:A/AC:M/Au:N/C:N/I:P/A:N
CVSSv3 Score:
5.3
Attack vector:
ADJACENT_NETWORK
Attack complexity:
HIGH
Privileges required:
NONE
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
NONE
Integrity impact:
HIGH
Availability impact:
NONE
CVSSv3 Vector:
CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
CWE:
330 (Use of Insufficiently Random Values)
References:
https://www.krackattacks.com/ (MISC)
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080 (CONFIRM)
VU#228519 (CERT-VN)
1039585 (SECTRACK)
1039581 (SECTRACK)
1039578 (SECTRACK)
1039577 (SECTRACK)
1039576 (SECTRACK)
1039573 (SECTRACK)
1039572 (SECTRACK)
101274 (BID)
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt (MISC)
20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II (CISCO)
https://support.lenovo.com/us/en/product_security/LEN-17420 (CONFIRM)
FreeBSD-SA-17:07 (FREEBSD)
https://access.redhat.com/security/vulnerabilities/kracks (CONFIRM)
RHSA-2017:2911 (REDHAT)
RHSA-2017:2907 (REDHAT)
USN-3455-1 (UBUNTU)
DSA-3999 (DEBIAN)
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt (CONFIRM)
openSUSE-SU-2017:2755 (SUSE)
SUSE-SU-2017:2752 (SUSE)
SUSE-SU-2017:2745 (SUSE)
1039703 (SECTRACK)
GLSA-201711-03 (GENTOO)
https://support.apple.com/HT208222 (CONFIRM)
https://support.apple.com/HT208221 (CONFIRM)
https://support.apple.com/HT208220 (CONFIRM)
https://support.apple.com/HT208219 (CONFIRM)
https://source.android.com/security/bulletin/2017-11-01 (CONFIRM)
https://support.apple.com/HT208334 (CONFIRM)
https://support.apple.com/HT208327 (CONFIRM)
https://support.apple.com/HT208325 (CONFIRM)
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html (CONFIRM)
[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update (MLIST)
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html (CONFIRM)
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03792en_us (CONFIRM)
https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf (CONFIRM)
https://cert.vde.com/en-us/advisories/vde-2017-005 (CONFIRM)
https://cert.vde.com/en-us/advisories/vde-2017-003 (CONFIRM)
[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update (MLIST)
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html (CONFIRM)
CVE: CVE-2017-14051
CVE: CVE-2017-14051
Id:
CVE-2017-14051
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14051
Comment
: An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel through 4.12.10 allows local users to cause a denial of service (memory corruption and system crash) by leveraging root access.
CVSSv2 Score:
4.9
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:C
CVSSv3 Score:
4.4
Attack vector:
LOCAL
Attack complexity:
LOW
Privileges required:
HIGH
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
CWE:
190 (Integer Overflow or Wraparound)
References:
https://patchwork.kernel.org/patch/9929625/ (MISC)
https://bugzilla.kernel.org/show_bug.cgi?id=194061 (MISC)
100571 (BID)
[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update (MLIST)
USN-3583-2 (UBUNTU)
USN-3583-1 (UBUNTU)
CVE: CVE-2017-15115
CVE: CVE-2017-15115
Id:
CVE-2017-15115
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15115
Comment
: The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via crafted system calls.
CVSSv2 Score:
7.2
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
COMPLETE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSSv3 Score:
7.8
Attack vector:
LOCAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE:
416 (Use After Free)
References:
https://patchwork.ozlabs.org/patch/827077/ (CONFIRM)
https://github.com/torvalds/linux/commit/df80cd9b28b9ebaa284a41df611dbf3a2d05ca74 (CONFIRM)
https://bugzilla.redhat.com/show_bug.cgi?id=1513345 (CONFIRM)
http://seclists.org/oss-sec/2017/q4/282 (CONFIRM)
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=df80cd9b28b9ebaa284a41df611dbf3a2d05ca74 (CONFIRM)
101877 (BID)
SUSE-SU-2018:0011 (SUSE)
[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update (MLIST)
USN-3583-2 (UBUNTU)
USN-3583-1 (UBUNTU)
USN-3582-2 (UBUNTU)
USN-3582-1 (UBUNTU)
USN-3581-3 (UBUNTU)
USN-3581-2 (UBUNTU)
USN-3581-1 (UBUNTU)
https://source.android.com/security/bulletin/pixel/2018-04-01 (CONFIRM)
CVE: CVE-2017-15265
CVE: CVE-2017-15265
Id:
CVE-2017-15265
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15265
Comment
: Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c.
CVSSv2 Score:
6.9
Access vector:
LOCAL
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
COMPLETE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C
CVSSv3 Score:
7
Attack vector:
LOCAL
Attack complexity:
HIGH
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE:
362 (Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition'))
References:
https://bugzilla.suse.com/show_bug.cgi?id=1062520 (CONFIRM)
[oss-security] 20171011 Linux kernel: alsa: use-after-free in /dev/snd/seq CVE-2017-15265 (MLIST)
[alsa-devel] 20171011 [PATCH] ALSA: seq: Fix use-after-free at creating a port (MLIST)
1039561 (SECTRACK)
101288 (BID)
https://github.com/torvalds/linux/commit/71105998845fb012937332fe2e806d443c09e026 (CONFIRM)
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.8 (CONFIRM)
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=71105998845fb012937332fe2e806d443c09e026 (CONFIRM)
[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update (MLIST)
https://source.android.com/security/bulletin/2018-02-01 (CONFIRM)
RHSA-2018:1062 (REDHAT)
RHSA-2018:0676 (REDHAT)
RHSA-2018:1170 (REDHAT)
RHSA-2018:1130 (REDHAT)
USN-3698-2 (UBUNTU)
USN-3698-1 (UBUNTU)
RHSA-2018:2390 (REDHAT)
https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0 (CONFIRM)
RHSA-2018:3823 (REDHAT)
RHSA-2018:3822 (REDHAT)
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html (MISC)
https://www.oracle.com/security-alerts/cpujul2020.html (MISC)
CVE: CVE-2017-15299
CVE: CVE-2017-15299
Id:
CVE-2017-15299
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15299
Comment
: The KEYS subsystem in the Linux kernel through 4.13.7 mishandles use of add_key for a key that already exists but is uninstantiated, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted system call.
CVSSv2 Score:
4.9
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:C
CVSSv3 Score:
5.5
Attack vector:
LOCAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE:
476 (NULL Pointer Dereference)
References:
https://bugzilla.redhat.com/show_bug.cgi?id=1498016 (MISC)
https://marc.info/?t=150783958600011&r=1&w=2 (MISC)
https://marc.info/?t=150654188100001&r=1&w=2 (MISC)
[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update (MLIST)
RHSA-2018:0654 (REDHAT)
USN-3798-2 (UBUNTU)
USN-3798-1 (UBUNTU)
https://www.mail-archive.com/linux-kernel%40vger.kernel.org/msg1499828.html ()
CVE: CVE-2017-15649
CVE: CVE-2017-15649
Id:
CVE-2017-15649
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15649
Comment
: net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346.
CVSSv2 Score:
4.6
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
PARTIAL
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P
CVSSv3 Score:
7.8
Attack vector:
LOCAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE:
362 (Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition'))
References:
https://github.com/torvalds/linux/commit/4971613c1639d8e5f102c4e797c3bf8f83a5a69e (MISC)
https://github.com/torvalds/linux/commit/008ba2a13f2d04c947adc536d19debb8fe66f110 (MISC)
https://blogs.securiteam.com/index.php/archives/3484 (MISC)
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.6 (MISC)
http://patchwork.ozlabs.org/patch/818726/ (MISC)
http://patchwork.ozlabs.org/patch/813945/ (MISC)
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4971613c1639d8e5f102c4e797c3bf8f83a5a69e (MISC)
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=008ba2a13f2d04c947adc536d19debb8fe66f110 (MISC)
101573 (BID)
RHSA-2018:0181 (REDHAT)
RHSA-2018:0152 (REDHAT)
RHSA-2018:0151 (REDHAT)
[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update (MLIST)
USN-3754-1 (UBUNTU)
CVE: CVE-2017-15868
CVE: CVE-2017-15868
Id:
CVE-2017-15868
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15868
Comment
: The bnep_add_connection function in net/bluetooth/bnep/core.c in the Linux kernel before 3.19 does not ensure that an l2cap socket is available, which allows local users to gain privileges via a crafted application.
CVSSv2 Score:
7.2
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
COMPLETE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSSv3 Score:
7.8
Attack vector:
LOCAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE:
20 (Improper Input Validation)
References:
https://source.android.com/security/bulletin/pixel/2017-12-01 (CONFIRM)
https://patchwork.kernel.org/patch/9882449/ (CONFIRM)
https://github.com/torvalds/linux/commit/71bb99a02b32b4cc4265118e85f6035ca72923f0 (CONFIRM)
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=71bb99a02b32b4cc4265118e85f6035ca72923f0 (CONFIRM)
102084 (BID)
SUSE-SU-2018:0011 (SUSE)
DSA-4082 (DEBIAN)
[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update (MLIST)
USN-3583-2 (UBUNTU)
USN-3583-1 (UBUNTU)
CVE: CVE-2017-16525
CVE: CVE-2017-16525
Id:
CVE-2017-16525
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16525
Comment
: The usb_serial_console_disconnect function in drivers/usb/serial/console.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device, related to disconnection and failed setup.
CVSSv2 Score:
7.2
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
COMPLETE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSSv3 Score:
6.6
Attack vector:
PHYSICAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE:
416 (Use After Free)
References:
https://groups.google.com/d/msg/syzkaller/cMACrmo1x0k/4KhRoUgABAAJ (MISC)
https://github.com/torvalds/linux/commit/bd998c2e0df0469707503023d50d46cf0b10c787 (MISC)
https://github.com/torvalds/linux/commit/299d7572e46f98534033a9e65973f13ad1ce9047 (MISC)
102028 (BID)
[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update (MLIST)
USN-3583-2 (UBUNTU)
USN-3583-1 (UBUNTU)
CVE: CVE-2017-16527
CVE: CVE-2017-16527
Id:
CVE-2017-16527
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16527
Comment
: sound/usb/mixer.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (snd_usb_mixer_interrupt use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device.
CVSSv2 Score:
7.2
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
COMPLETE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSSv3 Score:
6.6
Attack vector:
PHYSICAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE:
416 (Use After Free)
References:
https://groups.google.com/d/msg/syzkaller/jf7GTr_g2CU/iVlLhMciCQAJ (MISC)
https://github.com/torvalds/linux/commit/124751d5e63c823092060074bd0abaae61aaa9c4 (MISC)
[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update (MLIST)
USN-3754-1 (UBUNTU)
CVE: CVE-2017-16529
CVE: CVE-2017-16529
Id:
CVE-2017-16529
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16529
Comment
: The snd_usb_create_streams function in sound/usb/card.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.
CVSSv2 Score:
7.2
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
COMPLETE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSSv3 Score:
6.6
Attack vector:
PHYSICAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE:
125 (Out-of-bounds Read)
References:
https://groups.google.com/d/msg/syzkaller/rDzv5RP_f2M/M5au06qmAwAJ (MISC)
https://github.com/torvalds/linux/commit/bfc81a8bc18e3c4ba0cbaa7666ff76be2f998991 (MISC)
[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update (MLIST)
103284 (BID)
USN-3754-1 (UBUNTU)
CVE: CVE-2017-16531
CVE: CVE-2017-16531
Id:
CVE-2017-16531
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16531
Comment
: drivers/usb/core/config.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device, related to the USB_DT_INTERFACE_ASSOCIATION descriptor.
CVSSv2 Score:
7.2
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
COMPLETE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSSv3 Score:
6.6
Attack vector:
PHYSICAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE:
119 (Improper Restriction of Operations within the Bounds of a Memory Buffer)
References:
https://groups.google.com/d/msg/syzkaller/hP6L-m59m_8/Co2ouWeFAwAJ (MISC)
https://github.com/torvalds/linux/commit/bd7a3fe770ebd8391d1c7d072ff88e9e76d063eb (MISC)
102025 (BID)
[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update (MLIST)
USN-3754-1 (UBUNTU)
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html (MISC)
CVE: CVE-2017-16532
CVE: CVE-2017-16532
Id:
CVE-2017-16532
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16532
Comment
: The get_endpoints function in drivers/usb/misc/usbtest.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.
CVSSv2 Score:
7.2
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
COMPLETE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSSv3 Score:
6.6
Attack vector:
PHYSICAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE:
476 (NULL Pointer Dereference)
References:
https://groups.google.com/d/msg/syzkaller/l3870gs3LhA/y79DYQdFBAAJ (MISC)
https://github.com/torvalds/linux/commit/7c80f9e4a588f1925b07134bb2e3689335f6c6d8 (MISC)
[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update (MLIST)
USN-3617-2 (UBUNTU)
USN-3617-1 (UBUNTU)
USN-3619-1 (UBUNTU)
USN-3617-3 (UBUNTU)
USN-3619-2 (UBUNTU)
USN-3754-1 (UBUNTU)
CVE: CVE-2017-16533
CVE: CVE-2017-16533
Id:
CVE-2017-16533
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16533
Comment
: The usbhid_parse function in drivers/hid/usbhid/hid-core.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.
CVSSv2 Score:
7.2
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
COMPLETE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSSv3 Score:
6.6
Attack vector:
PHYSICAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE:
125 (Out-of-bounds Read)
References:
https://groups.google.com/d/msg/syzkaller/CxkJ9QZgwlM/O3IOvAaGAwAJ (MISC)
https://github.com/torvalds/linux/commit/f043bfc98c193c284e2cd768fefabe18ac2fed9b (MISC)
102026 (BID)
[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update (MLIST)
USN-3754-1 (UBUNTU)
CVE: CVE-2017-16535
CVE: CVE-2017-16535
Id:
CVE-2017-16535
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16535
Comment
: The usb_get_bos_descriptor function in drivers/usb/core/config.c in the Linux kernel before 4.13.10 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.
CVSSv2 Score:
7.2
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
COMPLETE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSSv3 Score:
6.6
Attack vector:
PHYSICAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE:
125 (Out-of-bounds Read)
References:
https://groups.google.com/d/msg/syzkaller/tzdz2fTB1K0/OvjIgLSTAgAJ (MISC)
https://github.com/torvalds/linux/commit/1c0edc3633b56000e18d82fc241e3995ca18a69e (MISC)
102022 (BID)
[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update (MLIST)
USN-3754-1 (UBUNTU)
CVE: CVE-2017-16536
CVE: CVE-2017-16536
Id:
CVE-2017-16536
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16536
Comment
: The cx231xx_usb_probe function in drivers/media/usb/cx231xx/cx231xx-cards.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.
CVSSv2 Score:
7.2
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
COMPLETE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSSv3 Score:
6.6
Attack vector:
PHYSICAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE:
476 (NULL Pointer Dereference)
References:
https://patchwork.kernel.org/patch/9963527/ (MISC)
https://groups.google.com/d/msg/syzkaller/WlUAVfDvpRk/1V1xuEA4AgAJ (MISC)
[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update (MLIST)
USN-3619-1 (UBUNTU)
USN-3619-2 (UBUNTU)
USN-3754-1 (UBUNTU)
CVE: CVE-2017-16537
CVE: CVE-2017-16537
Id:
CVE-2017-16537
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16537
Comment
: The imon_probe function in drivers/media/rc/imon.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.
CVSSv2 Score:
7.2
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
COMPLETE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSSv3 Score:
6.6
Attack vector:
PHYSICAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE:
476 (NULL Pointer Dereference)
References:
https://patchwork.kernel.org/patch/9994017/ (MISC)
https://groups.google.com/d/msg/syzkaller/bBFN8imrjjo/-5jCl8EiCQAJ (MISC)
[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update (MLIST)
USN-3617-2 (UBUNTU)
USN-3617-1 (UBUNTU)
USN-3619-1 (UBUNTU)
USN-3617-3 (UBUNTU)
USN-3619-2 (UBUNTU)
USN-3754-1 (UBUNTU)
CVE: CVE-2017-16643
CVE: CVE-2017-16643
Id:
CVE-2017-16643
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16643
Comment
: The parse_hid_report_descriptor function in drivers/input/tablet/gtco.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.
CVSSv2 Score:
7.2
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
COMPLETE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSSv3 Score:
6.6
Attack vector:
PHYSICAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE:
125 (Out-of-bounds Read)
References:
https://groups.google.com/d/msg/syzkaller/McWFcOsA47Y/3bjtBBgaBAAJ (MISC)
https://github.com/torvalds/linux/commit/a50829479f58416a013a4ccca791336af3c584c7 (MISC)
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.11 (MISC)
101769 (BID)
[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update (MLIST)
USN-3754-1 (UBUNTU)
CVE: CVE-2017-16649
CVE: CVE-2017-16649
Id:
CVE-2017-16649
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16649
Comment
: The usbnet_generic_cdc_bind function in drivers/net/usb/cdc_ether.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (divide-by-zero error and system crash) or possibly have unspecified other impact via a crafted USB device.
CVSSv2 Score:
7.2
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
COMPLETE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSSv3 Score:
6.6
Attack vector:
PHYSICAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE:
369 (Divide By Zero)
References:
https://patchwork.ozlabs.org/patch/834771/ (MISC)
https://groups.google.com/d/msg/syzkaller/0e0gmaX9R0g/9Me9JcY2BQAJ (MISC)
101761 (BID)
[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update (MLIST)
USN-3617-2 (UBUNTU)
USN-3617-1 (UBUNTU)
USN-3619-1 (UBUNTU)
USN-3617-3 (UBUNTU)
USN-3619-2 (UBUNTU)
USN-3822-2 (UBUNTU)
USN-3822-1 (UBUNTU)
CVE: CVE-2017-16939
CVE: CVE-2017-16939
Id:
CVE-2017-16939
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16939
Comment
: The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages.
CVSSv2 Score:
7.2
Access vector:
LOCAL
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
COMPLETE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSSv3 Score:
7.8
Attack vector:
LOCAL
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE:
416 (Use After Free)
References:
https://github.com/torvalds/linux/commit/1137b5e2529a8f5ca8ee709288ecba3e68044df2 (MISC)
https://bugzilla.suse.com/show_bug.cgi?id=1069702 (MISC)
https://blogs.securiteam.com/index.php/archives/3535 (MISC)
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.11 (MISC)
http://seclists.org/fulldisclosure/2017/Nov/40 (MISC)
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1137b5e2529a8f5ca8ee709288ecba3e68044df2 (MISC)
101954 (BID)
SUSE-SU-2018:0011 (SUSE)
DSA-4082 (DEBIAN)
[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update (MLIST)
RHSA-2018:1355 (REDHAT)
RHSA-2018:1318 (REDHAT)
RHSA-2019:1170 (REDHAT)
RHSA-2019:1190 (REDHAT)
CVE: CVE-2017-1000407
CVE: CVE-2017-1000407
Id:
CVE-2017-1000407
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000407
Comment
: The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic.
CVSSv2 Score:
6.1
Access vector:
ADJACENT_NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:A/AC:L/Au:N/C:N/I:N/A:C
CWE:
754 (Improper Check for Unusual or Exceptional Conditions)
References:
[oss-security] 20171204 CVE-2017-1000407 Kernel: KVM: DoS via write flood to I/O port 0x80 (MLIST)
102038 (BID)
RHSA-2018:0676 (REDHAT)
RHSA-2018:1062 (REDHAT)
RHSA-2019:1170 (REDHAT)
https://access.redhat.com/security/cve/cve-2017-1000407 (CONFIRM)
[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update (MLIST)
USN-3583-1 (UBUNTU)
USN-3583-2 (UBUNTU)
USN-3617-1 (UBUNTU)
USN-3617-2 (UBUNTU)
USN-3619-1 (UBUNTU)
USN-3619-2 (UBUNTU)
USN-3632-1 (UBUNTU)
DSA-4073 (DEBIAN)
DSA-4082 (DEBIAN)
[kvm] 20171201 [PATCH 1/2] KVM: VMX: remove I/O port 0x80 bypass on Intel hosts (MLIST)
Content available only for registered users!
ovaldb@altx-soft.com