- Home
- CVEs with nessus.description==Several+vulnerabilities+have+been+discovered+in+the+Linux+kernel+that+may+lead+to+a+privilege+escalation%2C+denial+of+service+or+have+other+impacts.%0A%0A++-+CVE-2016-9588+++++Jim+Mattson+discovered+that+the+KVM+implementation+for+++++Intel+x86+processors+does+not+properly+handle+%23BP+and+++++%23OF+exceptions+in+an+L2+%28nested%29+virtual+machine.+A+++++local+attacker+in+an+L2+guest+VM+can+take+advantage+of+++++this+flaw+to+cause+a+denial+of+service+for+the+L1+guest+++++VM.%0A%0A++-+CVE-2017-2636+++++Alexander+Popov+discovered+a+race+condition+flaw+in+the+++++n_hdlc+line+discipline+that+can+lead+to+a+double+free.+A+++++local+unprivileged+user+can+take+advantage+of+this+flaw+++++for+privilege+escalation.+On+systems+that+do+not+already+++++have+the+n_hdlc+module+loaded%2C+this+can+be+mitigated+by+++++disabling+it%3Aecho+%3E%3E+%2Fetc%2Fmodprobe.d%2Fdisable-n_hdlc.conf+++++install+n_hdlc+false%0A%0A++-+CVE-2017-5669+++++Gareth+Evans+reported+that+privileged+users+can+map+++++memory+at+address+0+through+the+shmat%28%29+system+call.%0A++++This+could+make+it+easier+to+exploit+other+kernel+++++security+vulnerabilities+via+a+set-UID+program.%0A%0A++-+CVE-2017-5986+++++Alexander+Popov+reported+a+race+condition+in+the+SCTP+++++implementation+that+can+be+used+by+local+users+to+cause+++++a+denial-of-service+%28crash%29.+The+initial+fix+for+this+++++was+incorrect+and+introduced+further+security+issues+%28+++++CVE-2017-6353+%29.+This+update+includes+a+later+fix+that+++++avoids+those.+On+systems+that+do+not+already+have+the+++++sctp+module+loaded%2C+this+can+be+mitigated+by+disabling+++++it%3Aecho+%3E%3E+%2Fetc%2Fmodprobe.d%2Fdisable-sctp.conf+install+++++sctp+false%0A%0A++-+CVE-2017-6214+++++Dmitry+Vyukov+reported+a+bug+in+the+TCP+implementation%27s+++++handling+of+urgent+data+in+the+splice%28%29+system+call.%0A++++This+can+be+used+by+a+remote+attacker+for+++++denial-of-service+%28hang%29+against+applications+that+read+++++from+TCP+sockets+with+splice%28%29.%0A%0A++-+CVE-2017-6345+++++Andrey+Konovalov+reported+that+the+LLC+type+2+++++implementation+incorrectly+assigns+socket+buffer+++++ownership.+This+can+be+used+by+a+local+user+to+cause+a+++++denial-of-service+%28crash%29.+On+systems+that+do+not+++++already+have+the+llc2+module+loaded%2C+this+can+be+++++mitigated+by+disabling+it%3Aecho+%3E%3E+++++%2Fetc%2Fmodprobe.d%2Fdisable-llc2.conf+install+llc2+false%0A%0A++-+CVE-2017-6346+++++Dmitry+Vyukov+reported+a+race+condition+in+the+raw+++++packet+%28af_packet%29+fanout+feature.+Local+users+with+the+++++CAP_NET_RAW+capability+%28in+any+user+namespace%29+can+use+++++this+for+denial-of-service+and+possibly+for+privilege+++++escalation.%0A%0A++-+CVE-2017-6348+++++Dmitry+Vyukov+reported+that+the+general+queue+++++implementation+in+the+IrDA+subsystem+does+not+properly+++++manage+multiple+locks%2C+possibly+allowing+local+users+to+++++cause+a+denial-of-service+%28deadlock%29+via+crafted+++++operations+on+IrDA+devices
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top