Max CVSS | 7.2 | Min CVSS | 1.9 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2017-16534 | 7.2 |
The cdc_parse_cdc_header function in drivers/usb/core/message.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device
|
16-02-2024 - 18:54 | 04-11-2017 - 01:29 | |
CVE-2017-11600 | 6.9 |
net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local users to cause a denial of service (out-of-bounds
|
26-06-2023 - 16:55 | 24-07-2017 - 07:29 | |
CVE-2017-8824 | 7.2 |
The dccp_disconnect function in net/dccp/proto.c in the Linux kernel through 4.14.3 allows local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN state.
|
24-02-2023 - 18:32 | 05-12-2017 - 09:29 | |
CVE-2017-7472 | 4.9 |
The KEYS subsystem in the Linux kernel before 4.10.13 allows local users to cause a denial of service (memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls.
|
12-02-2023 - 23:30 | 11-05-2017 - 19:29 | |
CVE-2017-17806 | 7.2 |
The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HAS
|
19-01-2023 - 16:26 | 20-12-2017 - 23:29 | |
CVE-2017-16939 | 7.2 |
The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM
|
19-01-2023 - 15:46 | 24-11-2017 - 10:29 | |
CVE-2017-15868 | 7.2 |
The bnep_add_connection function in net/bluetooth/bnep/core.c in the Linux kernel before 3.19 does not ensure that an l2cap socket is available, which allows local users to gain privileges via a crafted application.
|
19-01-2023 - 15:46 | 05-12-2017 - 23:29 | |
CVE-2017-15115 | 7.2 |
The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows local users to cause a denial of service (use-after-free and system crash) or possi
|
19-01-2023 - 15:46 | 15-11-2017 - 21:29 | |
CVE-2017-17805 | 7.2 |
The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service
|
19-01-2023 - 15:45 | 20-12-2017 - 23:29 | |
CVE-2017-5753 | 4.7 |
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
|
23-11-2021 - 22:14 | 04-01-2018 - 13:29 | |
CVE-2017-5754 | 4.7 |
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.
|
19-11-2021 - 18:15 | 04-01-2018 - 13:29 | |
CVE-2017-5715 | 1.9 |
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
|
16-08-2021 - 09:15 | 04-01-2018 - 13:29 | |
CVE-2017-17450 | 4.6 |
net/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations, which allows local users to bypass intended access restrictions because the xt_osf_fingers data s
|
03-10-2019 - 00:03 | 07-12-2017 - 00:29 | |
CVE-2017-13167 | 7.2 |
An elevation of privilege vulnerability in the kernel sound timer. Product: Android. Versions: Android kernel. Android ID A-37240993.
|
03-10-2019 - 00:03 | 06-12-2017 - 14:29 | |
CVE-2017-17558 | 7.2 |
The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel through 4.14.5 does not consider the maximum number of configurations and interfaces before attempting to release resources, which allow
|
14-05-2019 - 23:29 | 12-12-2017 - 15:29 | |
CVE-2017-16538 | 7.2 |
drivers/media/usb/dvb-usb-v2/lmedm04.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device, related to a mi
|
24-08-2018 - 10:29 | 04-11-2017 - 01:29 | |
CVE-2017-14106 | 4.9 |
The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code pat
|
13-07-2018 - 01:29 | 01-09-2017 - 16:29 |