Max CVSS | 7.2 | Min CVSS | 4.9 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2017-1000112 | 6.9 |
Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSG_MORE __ip_append_data() calls ip_ufo_append_data() to append. However in between two send() calls, the append path can be switched from
|
07-06-2023 - 12:46 | 05-10-2017 - 01:29 | |
CVE-2017-7541 | 7.2 |
The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a
|
14-02-2023 - 21:37 | 25-07-2017 - 04:29 | |
CVE-2017-7558 | 5.0 |
A kernel data leak due to an out-of-bound read was found in the Linux kernel in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info() functions present since version 4.7-rc1 through version 4.13. A data leak happens when these functions fill in
|
12-02-2023 - 23:31 | 26-07-2018 - 15:29 | |
CVE-2017-7542 | 4.9 |
The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket.
|
12-02-2023 - 23:30 | 21-07-2017 - 16:29 | |
CVE-2017-7184 | 7.2 |
The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-b
|
10-02-2023 - 00:53 | 19-03-2017 - 18:59 | |
CVE-2017-1000111 | 7.2 |
Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_
|
17-01-2023 - 21:04 | 05-10-2017 - 01:29 | |
CVE-2017-11176 | 7.2 |
The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possi
|
17-01-2023 - 21:01 | 11-07-2017 - 23:29 | |
CVE-2017-14106 | 4.9 |
The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code pat
|
13-07-2018 - 01:29 | 01-09-2017 - 16:29 | |
CVE-2017-14340 | 4.9 |
The XFS_IS_REALTIME_INODE macro in fs/xfs/xfs_linux.h in the Linux kernel before 4.13.2 does not verify that a filesystem has a realtime device, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via vectors rel
|
07-12-2017 - 02:29 | 15-09-2017 - 11:29 |