- Home
- CVEs with nessus.description==According+to+the+versions+of+the+kernel+packages+installed%2C+the+EulerOS+installation+on+the+remote+host+is+affected+by+the+following+vulnerabilities+%3A%0A%0A++-+The+mq_notify+function+in+the+Linux+kernel+through+++++4.11.9+does+not+set+the+sock+pointer+to+NULL+upon+entry+++++into+the+retry+logic.+During+a+user-space+close+of+a+++++Netlink+socket%2C+it+allows+attackers+to+cause+a+denial+++++of+service+%28use-after-free%29+or+possibly+have+++++unspecified+other+impact.%28CVE-2017-11176%29%0A%0A++-+The+brcmf_cfg80211_mgmt_tx+function+in+++++drivers%2Fnet%2Fwireless%2Fbroadcom%2Fbrcm80211%2Fbrcmfmac%2F+++++cfg80211.c+in+the+Linux+kernel+before+4.12.3+allows+++++local+users+to+cause+a+denial+of+service+%28buffer+++++overflow+and+system+crash%29+or+possibly+gain+privileges+++++via+a+crafted+NL80211_CMD_FRAME+Netlink+++++packet.%28CVE-2017-7541%29%0A%0A++-+The+ip6_find_1stfragopt+function+in+++++net%2Fipv6%2Foutput_core.c+in+the+Linux+kernel+through+++++4.12.3+allows+local+users+to+cause+a+denial+of+service+++++%28integer+overflow+and+infinite+loop%29+by+leveraging+the+++++ability+to+open+a+raw+socket.%28CVE-2017-7542%29%0A%0A++-+Buffer+overflow+in+the+mp_override_legacy_irq%28%29+++++function+in+arch%2Fx86%2Fkernel%2Facpi%2Fboot.c+in+the+Linux+++++kernel+through+4.12.2+allows+local+users+to+gain+++++privileges+via+a+crafted+ACPI+table.%28CVE-2017-11473%29%0A%0A++-+net%2Fxfrm%2Fxfrm_policy.c+in+the+Linux+kernel+through+++++4.12.3%2C+when+CONFIG_XFRM_MIGRATE+is+enabled%2C+does+not+++++ensure+that+the+dir+value+of+xfrm_userpolicy_id+is+++++XFRM_POLICY_MAX+or+less%2C+which+allows+local+users+to+++++cause+a+denial+of+service+%28out-of-bounds+access%29+or+++++possibly+have+unspecified+other+impact+via+an+++++XFRM_MSG_MIGRATE+xfrm+Netlink+message.%28CVE-2017-11600%29%0A%0A++-+It+was+discovered+that+root+can+gain+direct+access+to+++++an+internal+keyring%2C+such+as+%27.dns_resolver%27+in+RHEL-7+++++or+%27.builtin_trusted_keys%27+upstream%2C+by+joining+it+as+++++its+session+keyring.+This+allows+root+to+bypass+module+++++signature+verification+by+adding+a+new+public+key+of+++++its+own+devising+to+the+keyring.%28CVE-2016-9604%29%0A%0A++-+A+user-controlled+buffer+is+copied+into+a+local+buffer+++++of+constant+size+using+strcpy+without+a+length+check+++++which+can+cause+a+buffer+overflow.+This+affects+the+++++Linux+kernel+4.9-stable+tree%2C+4.12-stable+tree%2C+++++3.18-stable+tree%2C+and+4.4-stable+tree.%28CVE-2017-12762%29%0A%0A++-+The+Linux+Kernel+imposes+a+size+restriction+on+the+++++arguments+and+environmental+strings+passed+through+++++RLIMIT_STACK%2FRLIM_INFINITY+%281%2F4+of+the+size%29%2C+but+does+++++not+take+the+argument+and+environment+pointers+into+++++account%2C+which+allows+attackers+to+bypass+this+++++limitation.+This+affects+Linux+Kernel+versions+4.11.5+++++and+earlier.+It+appears+that+this+feature+was+++++introduced+in+the+Linux+Kernel+version+++++2.6.23.%28CVE-2017-1000365%29%0A%0ANote+that+Tenable+Network+Security+has+extracted+the+preceding+description+block+directly+from+the+EulerOS+security+advisory.+Tenable+has+attempted+to+automatically+clean+and+format+it+as+much+as+possible+without+introducing+additional+issues
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top