- CVEs with nessus.description==

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or have other impacts.

CVE-2016-2188

Ralf Spenneberg of OpenSource Security reported that the iowarrior device driver did not sufficiently validate USB descriptors. This allowed a physically present user with a specially designed USB device to cause a denial of service (crash).

CVE-2016-9604

It was discovered that the keyring subsystem allowed a process to set a special internal keyring as its session keyring. The security impact in this version of the kernel is unknown.

CVE-2016-10200

Baozeng Ding and Andrey Konovalov reported a race condition in the L2TP implementation which could corrupt its table of bound sockets. A local user could use this to cause a denial of service (crash) or possibly for privilege escalation.

CVE-2017-2647 / CVE-2017-6951

idl3r reported that the keyring subsystem would allow a process to search for 'dead' keys, causing a NULL pointer dereference. A local user could use this to cause a denial of service (crash).

CVE-2017-2671

Daniel Jiang discovered a race condition in the ping socket implementation. A local user with access to ping sockets could use this to cause a denial of service (crash) or possibly for privilege escalation. This feature is not accessible to any users by default.

CVE-2017-5967

Xing Gao reported that the /proc/timer_list file showed information about all processes, not considering PID namespaces. If timer debugging was enabled by a privileged user, this leaked information to processes contained in PID namespaces.

CVE-2017-5970

Andrey Konovalov discovered a denial of service flaw in the IPv4 networking code. This can be triggered by a local or remote attacker if a local UDP or raw socket has the IP_RETOPTS option enabled.

CVE-2017-7184

Chaitin Security Research Lab discovered that the net xfrm subsystem did not sufficiently validate replay state parameters, allowing a heap buffer overflow. This can be used by a local user with the CAP_NET_ADMIN capability for privilege escalation.

CVE-2017-7261

Vladis Dronov and Murray McAllister reported that the vmwgfx driver did not sufficiently validate rendering surface parameters. In a VMware guest, this can be used by a local user to cause a denial of service (crash).

CVE-2017-7273

Benoit Camredon reported that the hid-cypress driver did not sufficiently validate HID reports. This possibly allowed a physically present user with a specially designed USB device to cause a denial of service (crash).

CVE-2017-7294

Li Qiang reported that the vmwgfx driver did not sufficiently validate rendering surface parameters. In a VMware guest, this can be used by a local user to cause a denial of service (crash) or possibly for privilege escalation.

CVE-2017-7308

Andrey Konovalov reported that the packet socket (AF_PACKET) implementation did not sufficiently validate buffer parameters. This can be used by a local user with the CAP_NET_RAW capability for privilege escalation.

CVE-2017-7472

Eric Biggers reported that the keyring subsystem allowed a thread to create new thread keyrings repeatedly, causing a memory leak. This can be used by a local user to cause a denial of service (memory exhaustion).

CVE-2017-7616

Chris Salls reported an information leak in the 32-bit big-endian compatibility implementations of set_mempolicy() and mbind(). This does not affect any architecture supported in Debian 7 LTS.

CVE-2017-7618

Sabrina Dubroca reported that the cryptographic hash subsystem does not correctly handle submission of unaligned data to a device that is already busy, resulting in infinite recursion. On some systems this can be used by local users to cause a denial of service (crash).

For Debian 7 'Wheezy', these problems have been fixed in version 3.2.88-1. This version also includes bug fixes from upstream version 3.2.88, and fixes some older security issues in the keyring, packet socket and cryptographic hash subsystems that do not have CVE IDs.

For Debian 8 'Jessie', most of these problems have been fixed in version 3.16.43-1 which will be part of the next point release.

We recommend that you upgrade your linux packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues

| Max CVSS | 0 |
| Min CVSS | 0 |
| Total Count | 2 |

| ID | CVSS | Summary | Last (major) update | Published |