- Home
- CVEs with nessus.description==Several+vulnerabilities+have+been+discovered+in+the+Linux+kernel+that+may+lead+to+a+privilege+escalation%2C+denial+of+service+or+information+leaks.%0A%0A++-+CVE-2014-9940+++++A+use-after-free+flaw+in+the+voltage+and+current+++++regulator+driver+could+allow+a+local+user+to+cause+a+++++denial+of+service+or+potentially+escalate+privileges.%0A%0A++-+CVE-2017-7346+++++Li+Qiang+discovered+that+the+DRM+driver+for+VMware+++++virtual+GPUs+does+not+properly+check+user-controlled+++++values+in+the+vmw_surface_define_ioctl%28%29+functions+for+++++upper+limits.+A+local+user+can+take+advantage+of+this+++++flaw+to+cause+a+denial+of+service.%0A%0A++-+CVE-2017-7482+++++Shi+Lei+discovered+that+RxRPC+Kerberos+5+ticket+handling+++++code+does+not+properly+verify+metadata%2C+leading+to+++++information+disclosure%2C+denial+of+service+or+potentially+++++execution+of+arbitrary+code.%0A%0A++-+CVE-2017-7533+++++Fan+Wu+and+Shixiong+Zhao+discovered+a+race+condition+++++between+inotify+events+and+VFS+rename+operations+++++allowing+an+unprivileged+local+attacker+to+cause+a+++++denial+of+service+or+escalate+privileges.%0A%0A++-+CVE-2017-7541+++++A+buffer+overflow+flaw+in+the+Broadcom+IEEE802.11n+PCIe+++++SoftMAC+WLAN+driver+could+allow+a+local+user+to+cause+++++kernel+memory+corruption%2C+leading+to+a+denial+of+service+++++or+potentially+privilege+escalation.%0A%0A++-+CVE-2017-7542+++++An+integer+overflow+vulnerability+in+the+++++ip6_find_1stfragopt%28%29+function+was+found+allowing+a+++++local+attacker+with+privileges+to+open+raw+sockets+to+++++cause+a+denial+of+service.%0A%0A++-+CVE-2017-7889+++++Tommi+Rantala+and+Brad+Spengler+reported+that+the+mm+++++subsystem+does+not+properly+enforce+the+++++CONFIG_STRICT_DEVMEM+protection+mechanism%2C+allowing+a+++++local+attacker+with+access+to+%2Fdev%2Fmem+to+obtain+++++sensitive+information+or+potentially+execute+arbitrary+++++code.%0A%0A++-+CVE-2017-9605+++++Murray+McAllister+discovered+that+the+DRM+driver+for+++++VMware+virtual+GPUs+does+not+properly+initialize+memory%2C+++++potentially+allowing+a+local+attacker+to+obtain+++++sensitive+information+from+uninitialized+kernel+memory+++++via+a+crafted+ioctl+call.%0A%0A++-+CVE-2017-10911+++++%2F+XSA-216%0A%0A++Anthony+Perard+of+Citrix+discovered+an+information+leak+flaw+in+Xen+++blkif+response+handling%2C+allowing+a+malicious+unprivileged+guest+to+++obtain+sensitive+information+from+the+host+or+other+guests.%0A%0A++-+CVE-2017-11176+++++It+was+discovered+that+the+mq_notify%28%29+function+does+not+++++set+the+sock+pointer+to+NULL+upon+entry+into+the+retry+++++logic.+An+attacker+can+take+advantage+of+this+flaw+++++during+a+userspace+close+of+a+Netlink+socket+to+cause+a+++++denial+of+service+or+potentially+cause+other+impact.%0A%0A++-+CVE-2017-1000363+++++Roee+Hay+reported+that+the+lp+driver+does+not+properly+++++bounds-check+passed+arguments%2C+allowing+a+local+attacker+++++with+write+access+to+the+kernel+command+line+arguments+++++to+execute+arbitrary+code.%0A%0A++-+CVE-2017-1000365+++++It+was+discovered+that+argument+and+environment+pointers+++++are+not+taken+properly+into+account+to+the+imposed+size+++++restrictions+on+arguments+and+environmental+strings+++++passed+through+RLIMIT_STACK%2FRLIMIT_INFINITY.+A+local+++++attacker+can+take+advantage+of+this+flaw+in+conjunction+++++with+other+flaws+to+execute+arbitrary+code
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top