Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2017-AVI-375
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans le noyau Linux de RedHat . Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, un déni de service et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
Vendor | Product | Description | ||
---|---|---|---|---|
Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux pour Power, little endian 7 ppc64le | ||
Red Hat | N/A | MRG Realtime 2 x86_64 | ||
Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux pour Real Time pour NFV 7 x86_64 | ||
Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux pour IBM z Systems - Extended Update Support 7.4 s390x | ||
Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux pour Real Time 7 x86_64 | ||
Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux EUS Compute Node 7.4 x86_64 | ||
Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - AUS 7.4 x86_64 | ||
Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - 4 Year Extended Update Support 7.4 x86_64 | ||
Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server 7 x86_64 | ||
Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux Workstation 7 x86_64 | ||
Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - TUS 7.4 x86_64 | ||
Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux pour Power, big endian - Extended Update Support 7.4 ppc64 | ||
Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux pour IBM z Systems 7 s390x | ||
Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - Extended Update Support 7.4 x86_64 | ||
Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server (pour IBM Power LE) - 4 Year Extended Update Support 7.4 ppc64le | ||
Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux pour Scientific Computing 7 x86_64 | ||
Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux pour Power, big endian 7 ppc64 | ||
Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux Desktop 7 x86_64 | ||
Oracle | Virtualization | Red Hat Virtualization Host 4 x86_64 | ||
Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux pour Power, little endian - Extended Update Support 7.4 ppc64le |
References
Title | Publication Time | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "$ref": "https://www.cert.ssi.gouv.fr/openapi.json", "affected_systems": [ { "description": "Red Hat Enterprise Linux pour Power, little endian 7 ppc64le", "product": { "name": "Red Hat Enterprise Linux", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "MRG Realtime 2 x86_64", "product": { "name": "N/A", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux pour Real Time pour NFV 7 x86_64", "product": { "name": "Red Hat Enterprise Linux", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux pour IBM z Systems - Extended Update Support 7.4 s390x", "product": { "name": "Red Hat Enterprise Linux", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux pour Real Time 7 x86_64", "product": { "name": "Red Hat Enterprise Linux", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux EUS Compute Node 7.4 x86_64", "product": { "name": "Red Hat Enterprise Linux", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux Server - AUS 7.4 x86_64", "product": { "name": "Red Hat Enterprise Linux Server", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux Server - 4 Year Extended Update Support 7.4 x86_64", "product": { "name": "Red Hat Enterprise Linux Server", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux Server 7 x86_64", "product": { "name": "Red Hat Enterprise Linux Server", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux Workstation 7 x86_64", "product": { "name": "Red Hat Enterprise Linux", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux Server - TUS 7.4 x86_64", "product": { "name": "Red Hat Enterprise Linux Server", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux pour Power, big endian - Extended Update Support 7.4 ppc64", "product": { "name": "Red Hat Enterprise Linux", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux pour IBM z Systems 7 s390x", "product": { "name": "Red Hat Enterprise Linux", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux Server - Extended Update Support 7.4 x86_64", "product": { "name": "Red Hat Enterprise Linux Server", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux Server (pour IBM Power LE) - 4 Year Extended Update Support 7.4 ppc64le", "product": { "name": "Red Hat Enterprise Linux Server", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux pour Scientific Computing 7 x86_64", "product": { "name": "Red Hat Enterprise Linux", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux pour Power, big endian 7 ppc64", "product": { "name": "Red Hat Enterprise Linux", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux Desktop 7 x86_64", "product": { "name": "Red Hat Enterprise Linux", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Virtualization Host 4 x86_64", "product": { "name": "Virtualization", "vendor": { "name": "Oracle", "scada": false } } }, { "description": "Red Hat Enterprise Linux pour Power, little endian - Extended Update Support 7.4 ppc64le", "product": { "name": "Red Hat Enterprise Linux", "vendor": { "name": "Red Hat", "scada": false } } } ], "affected_systems_content": null, "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n", "cves": [ { "name": "CVE-2017-14106", "url": "https://www.cve.org/CVERecord?id=CVE-2017-14106" }, { "name": "CVE-2017-11176", "url": "https://www.cve.org/CVERecord?id=CVE-2017-11176" }, { "name": "CVE-2017-14340", "url": "https://www.cve.org/CVERecord?id=CVE-2017-14340" }, { "name": "CVE-2016-8399", "url": "https://www.cve.org/CVERecord?id=CVE-2016-8399" }, { "name": "CVE-2017-1000112", "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000112" }, { "name": "CVE-2017-1000111", "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000111" }, { "name": "CVE-2017-7541", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7541" }, { "name": "CVE-2017-7542", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7542" }, { "name": "CVE-2017-7184", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7184" }, { "name": "CVE-2017-7558", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7558" } ], "initial_release_date": "2017-10-20T00:00:00", "last_revision_date": "2017-10-20T00:00:00", "links": [], "reference": "CERTFR-2017-AVI-375", "revisions": [ { "description": "Version initiale", "revision_date": "2017-10-20T00:00:00.000000" } ], "risks": [ { "description": "D\u00e9ni de service \u00e0 distance" }, { "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es" }, { "description": "D\u00e9ni de service" }, { "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es" }, { "description": "\u00c9l\u00e9vation de privil\u00e8ges" } ], "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nRedHat . Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nun d\u00e9ni de service \u00e0 distance, un d\u00e9ni de service et une atteinte \u00e0\nl\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n", "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de RedHat", "vendor_advisories": [ { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2017:2930 du 19 octobre 2017", "url": "https://access.redhat.com/errata/RHSA-2017:2930" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2017:2918 du 19 octobre 2017", "url": "https://access.redhat.com/errata/RHSA-2017:2918" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2017:2931 du 19 octobre 2017", "url": "https://access.redhat.com/errata/RHSA-2017:2931" } ] }
CVE-2017-7184 (GCVE-0-2017-7184)
Vulnerability from cvelistv5
Published
2017-03-19 18:00
Modified
2024-08-05 15:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T15:56:35.949Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://blog.trendmicro.com/results-pwn2own-2017-day-one/" }, { "name": "RHSA-2017:2918", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2918" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=677e806da4d916052585301785d847c3b3e6186a" }, { "name": "RHSA-2017:2931", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2931" }, { "name": "97018", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/97018" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-05-01" }, { "name": "1038166", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1038166" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/torvalds/linux/commit/f843ee6dd019bcece3e74e76ad9df0155655d0df" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f843ee6dd019bcece3e74e76ad9df0155655d0df" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.eweek.com/security/ubuntu-linux-falls-on-day-1-of-pwn2own-hacking-competition" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/torvalds/linux/commit/677e806da4d916052585301785d847c3b3e6186a" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://twitter.com/thezdi/status/842126074435665920" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://openwall.com/lists/oss-security/2017/03/29/2" }, { "name": "RHSA-2017:2930", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2930" }, { "name": "RHSA-2019:4159", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:4159" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-03-15T00:00:00", "descriptions": [ { "lang": "en", "value": "The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-12-10T15:06:09", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://blog.trendmicro.com/results-pwn2own-2017-day-one/" }, { "name": "RHSA-2017:2918", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:2918" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=677e806da4d916052585301785d847c3b3e6186a" }, { "name": "RHSA-2017:2931", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:2931" }, { "name": "97018", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/97018" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-05-01" }, { "name": "1038166", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1038166" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/torvalds/linux/commit/f843ee6dd019bcece3e74e76ad9df0155655d0df" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f843ee6dd019bcece3e74e76ad9df0155655d0df" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.eweek.com/security/ubuntu-linux-falls-on-day-1-of-pwn2own-hacking-competition" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/torvalds/linux/commit/677e806da4d916052585301785d847c3b3e6186a" }, { "tags": [ "x_refsource_MISC" ], "url": "https://twitter.com/thezdi/status/842126074435665920" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://openwall.com/lists/oss-security/2017/03/29/2" }, { "name": "RHSA-2017:2930", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:2930" }, { "name": "RHSA-2019:4159", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:4159" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-7184", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://blog.trendmicro.com/results-pwn2own-2017-day-one/", "refsource": "MISC", "url": "https://blog.trendmicro.com/results-pwn2own-2017-day-one/" }, { "name": "RHSA-2017:2918", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2918" }, { "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=677e806da4d916052585301785d847c3b3e6186a", "refsource": "CONFIRM", "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=677e806da4d916052585301785d847c3b3e6186a" }, { "name": "RHSA-2017:2931", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2931" }, { "name": "97018", "refsource": "BID", "url": "http://www.securityfocus.com/bid/97018" }, { "name": "https://source.android.com/security/bulletin/2017-05-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-05-01" }, { "name": "1038166", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038166" }, { "name": "https://github.com/torvalds/linux/commit/f843ee6dd019bcece3e74e76ad9df0155655d0df", "refsource": "CONFIRM", "url": "https://github.com/torvalds/linux/commit/f843ee6dd019bcece3e74e76ad9df0155655d0df" }, { "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f843ee6dd019bcece3e74e76ad9df0155655d0df", "refsource": "CONFIRM", "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f843ee6dd019bcece3e74e76ad9df0155655d0df" }, { "name": "http://www.eweek.com/security/ubuntu-linux-falls-on-day-1-of-pwn2own-hacking-competition", "refsource": "MISC", "url": "http://www.eweek.com/security/ubuntu-linux-falls-on-day-1-of-pwn2own-hacking-competition" }, { "name": "https://github.com/torvalds/linux/commit/677e806da4d916052585301785d847c3b3e6186a", "refsource": "CONFIRM", "url": "https://github.com/torvalds/linux/commit/677e806da4d916052585301785d847c3b3e6186a" }, { "name": "https://twitter.com/thezdi/status/842126074435665920", "refsource": "MISC", "url": "https://twitter.com/thezdi/status/842126074435665920" }, { "name": "http://openwall.com/lists/oss-security/2017/03/29/2", "refsource": "CONFIRM", "url": "http://openwall.com/lists/oss-security/2017/03/29/2" }, { "name": "RHSA-2017:2930", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2930" }, { "name": "RHSA-2019:4159", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:4159" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-7184", "datePublished": "2017-03-19T18:00:00", "dateReserved": "2017-03-19T00:00:00", "dateUpdated": "2024-08-05T15:56:35.949Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2017-1000111 (GCVE-0-2017-1000111)
Vulnerability from cvelistv5
Published
2017-10-04 01:00
Modified
2024-08-05 21:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_VERSION. This time with PACKET_RESERVE. The solution is similar: lock the socket for the update. This issue may be exploitable, we did not investigate further. As this issue affects PF_PACKET sockets, it requires CAP_NET_RAW in the process namespace. But note that with user namespaces enabled, any process can create a namespace in which it has CAP_NET_RAW.
References
URL | Tags | |||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T21:53:06.811Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2017:3200", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:3200" }, { "name": "100267", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/100267" }, { "name": "RHSA-2017:2918", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2918" }, { "name": "RHSA-2017:2931", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2931" }, { "name": "DSA-3981", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2017/dsa-3981" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://access.redhat.com/security/cve/cve-2017-1000111" }, { "name": "1039132", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1039132" }, { "name": "RHSA-2017:2930", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2930" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "dateAssigned": "2017-08-22T00:00:00", "datePublic": "2017-10-03T00:00:00", "descriptions": [ { "lang": "en", "value": "Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_VERSION. This time with PACKET_RESERVE. The solution is similar: lock the socket for the update. This issue may be exploitable, we did not investigate further. As this issue affects PF_PACKET sockets, it requires CAP_NET_RAW in the process namespace. But note that with user namespaces enabled, any process can create a namespace in which it has CAP_NET_RAW." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-12-06T10:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2017:3200", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:3200" }, { "name": "100267", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/100267" }, { "name": "RHSA-2017:2918", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:2918" }, { "name": "RHSA-2017:2931", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:2931" }, { "name": "DSA-3981", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2017/dsa-3981" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://access.redhat.com/security/cve/cve-2017-1000111" }, { "name": "1039132", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1039132" }, { "name": "RHSA-2017:2930", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:2930" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "DATE_ASSIGNED": "2017-08-22T17:29:33.324350", "ID": "CVE-2017-1000111", "REQUESTER": "willemdebruijn.kernel@gmail.com", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_VERSION. This time with PACKET_RESERVE. The solution is similar: lock the socket for the update. This issue may be exploitable, we did not investigate further. As this issue affects PF_PACKET sockets, it requires CAP_NET_RAW in the process namespace. But note that with user namespaces enabled, any process can create a namespace in which it has CAP_NET_RAW." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2017:3200", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:3200" }, { "name": "100267", "refsource": "BID", "url": "http://www.securityfocus.com/bid/100267" }, { "name": "RHSA-2017:2918", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2918" }, { "name": "RHSA-2017:2931", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2931" }, { "name": "DSA-3981", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2017/dsa-3981" }, { "name": "https://access.redhat.com/security/cve/cve-2017-1000111", "refsource": "CONFIRM", "url": "https://access.redhat.com/security/cve/cve-2017-1000111" }, { "name": "1039132", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039132" }, { "name": "RHSA-2017:2930", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2930" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-1000111", "datePublished": "2017-10-04T01:00:00", "dateReserved": "2017-10-03T00:00:00", "dateUpdated": "2024-08-05T21:53:06.811Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2017-1000112 (GCVE-0-2017-1000112)
Vulnerability from cvelistv5
Published
2017-10-04 01:00
Modified
2024-08-05 21:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSG_MORE __ip_append_data() calls ip_ufo_append_data() to append. However in between two send() calls, the append path can be switched from UFO to non-UFO one, which leads to a memory corruption. In case UFO packet lengths exceeds MTU, copy = maxfraglen - skb->len becomes negative on the non-UFO path and the branch to allocate new skb is taken. This triggers fragmentation and computation of fraggap = skb_prev->len - maxfraglen. Fraggap can exceed MTU, causing copy = datalen - transhdrlen - fraggap to become negative. Subsequently skb_copy_and_csum_bits() writes out-of-bounds. A similar issue is present in IPv6 code. The bug was introduced in e89e9cf539a2 ("[IPv4/IPv6]: UFO Scatter-gather approach") on Oct 18 2005.
References
URL | Tags | ||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T21:53:06.785Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "[oss-security] 20170810 Linux kernel: CVE-2017-1000112: Exploitable memory corruption due to UFO to non-UFO path switch", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://seclists.org/oss-sec/2017/q3/277" }, { "name": "RHSA-2017:3200", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:3200" }, { "name": "100262", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/100262" }, { "name": "RHSA-2017:2918", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2918" }, { "name": "RHSA-2017:2931", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2931" }, { "name": "DSA-3981", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2017/dsa-3981" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/xairy/kernel-exploits/tree/master/CVE-2017-1000112" }, { "name": "1039162", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1039162" }, { "name": "45147", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/45147/" }, { "name": "RHSA-2017:2930", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2930" }, { "name": "RHSA-2019:1932", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:1932" }, { "name": "RHSA-2019:1931", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:1931" }, { "name": "RHSA-2019:4159", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:4159" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "dateAssigned": "2017-08-22T00:00:00", "datePublic": "2017-10-03T00:00:00", "descriptions": [ { "lang": "en", "value": "Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSG_MORE __ip_append_data() calls ip_ufo_append_data() to append. However in between two send() calls, the append path can be switched from UFO to non-UFO one, which leads to a memory corruption. In case UFO packet lengths exceeds MTU, copy = maxfraglen - skb-\u003elen becomes negative on the non-UFO path and the branch to allocate new skb is taken. This triggers fragmentation and computation of fraggap = skb_prev-\u003elen - maxfraglen. Fraggap can exceed MTU, causing copy = datalen - transhdrlen - fraggap to become negative. Subsequently skb_copy_and_csum_bits() writes out-of-bounds. A similar issue is present in IPv6 code. The bug was introduced in e89e9cf539a2 (\"[IPv4/IPv6]: UFO Scatter-gather approach\") on Oct 18 2005." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-12-10T15:06:14", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "[oss-security] 20170810 Linux kernel: CVE-2017-1000112: Exploitable memory corruption due to UFO to non-UFO path switch", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://seclists.org/oss-sec/2017/q3/277" }, { "name": "RHSA-2017:3200", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:3200" }, { "name": "100262", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/100262" }, { "name": "RHSA-2017:2918", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:2918" }, { "name": "RHSA-2017:2931", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:2931" }, { "name": "DSA-3981", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2017/dsa-3981" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/xairy/kernel-exploits/tree/master/CVE-2017-1000112" }, { "name": "1039162", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1039162" }, { "name": "45147", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/45147/" }, { "name": "RHSA-2017:2930", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:2930" }, { "name": "RHSA-2019:1932", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:1932" }, { "name": "RHSA-2019:1931", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:1931" }, { "name": "RHSA-2019:4159", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:4159" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "DATE_ASSIGNED": "2017-08-22T17:29:33.325175", "ID": "CVE-2017-1000112", "REQUESTER": "willemdebruijn.kernel@gmail.com", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSG_MORE __ip_append_data() calls ip_ufo_append_data() to append. However in between two send() calls, the append path can be switched from UFO to non-UFO one, which leads to a memory corruption. In case UFO packet lengths exceeds MTU, copy = maxfraglen - skb-\u003elen becomes negative on the non-UFO path and the branch to allocate new skb is taken. This triggers fragmentation and computation of fraggap = skb_prev-\u003elen - maxfraglen. Fraggap can exceed MTU, causing copy = datalen - transhdrlen - fraggap to become negative. Subsequently skb_copy_and_csum_bits() writes out-of-bounds. A similar issue is present in IPv6 code. The bug was introduced in e89e9cf539a2 (\"[IPv4/IPv6]: UFO Scatter-gather approach\") on Oct 18 2005." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "[oss-security] 20170810 Linux kernel: CVE-2017-1000112: Exploitable memory corruption due to UFO to non-UFO path switch", "refsource": "MLIST", "url": "http://seclists.org/oss-sec/2017/q3/277" }, { "name": "RHSA-2017:3200", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:3200" }, { "name": "100262", "refsource": "BID", "url": "http://www.securityfocus.com/bid/100262" }, { "name": "RHSA-2017:2918", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2918" }, { "name": "RHSA-2017:2931", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2931" }, { "name": "DSA-3981", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2017/dsa-3981" }, { "name": "https://github.com/xairy/kernel-exploits/tree/master/CVE-2017-1000112", "refsource": "MISC", "url": "https://github.com/xairy/kernel-exploits/tree/master/CVE-2017-1000112" }, { "name": "1039162", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039162" }, { "name": "45147", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/45147/" }, { "name": "RHSA-2017:2930", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2930" }, { "name": "RHSA-2019:1932", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1932" }, { "name": "RHSA-2019:1931", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1931" }, { "name": "RHSA-2019:4159", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:4159" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-1000112", "datePublished": "2017-10-04T01:00:00", "dateReserved": "2017-10-03T00:00:00", "dateUpdated": "2024-08-05T21:53:06.785Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2017-7541 (GCVE-0-2017-7541)
Vulnerability from cvelistv5
Published
2017-07-25 04:00
Modified
2024-08-05 16:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- memory corruption
Summary
The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netlink packet.
References
URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Linux kernel before 4.12.3 |
Version: Linux kernel before 4.12.3 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T16:04:11.990Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-3927", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2017/dsa-3927" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/torvalds/linux/commit/8f44c9a41386729fea410e688959ddaa9d51be7c" }, { "name": "99955", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/99955" }, { "name": "RHSA-2017:2918", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2918" }, { "name": "RHSA-2017:2931", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2931" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-11-01" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1473198" }, { "name": "RHSA-2017:2863", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2863" }, { "name": "1038981", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1038981" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.novell.com/show_bug.cgi?id=1049645" }, { "name": "DSA-3945", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2017/dsa-3945" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.spinics.net/lists/stable/msg180994.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://openwall.com/lists/oss-security/2017/07/24/2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.3" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8f44c9a41386729fea410e688959ddaa9d51be7c" }, { "name": "RHSA-2017:2930", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2930" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Linux kernel before 4.12.3", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Linux kernel before 4.12.3" } ] } ], "datePublic": "2017-07-24T00:00:00", "descriptions": [ { "lang": "en", "value": "The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netlink packet." } ], "problemTypes": [ { "descriptions": [ { "description": "memory corruption", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-12-07T10:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "DSA-3927", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2017/dsa-3927" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/torvalds/linux/commit/8f44c9a41386729fea410e688959ddaa9d51be7c" }, { "name": "99955", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/99955" }, { "name": "RHSA-2017:2918", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:2918" }, { "name": "RHSA-2017:2931", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:2931" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-11-01" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1473198" }, { "name": "RHSA-2017:2863", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:2863" }, { "name": "1038981", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1038981" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.novell.com/show_bug.cgi?id=1049645" }, { "name": "DSA-3945", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2017/dsa-3945" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.spinics.net/lists/stable/msg180994.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://openwall.com/lists/oss-security/2017/07/24/2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.3" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8f44c9a41386729fea410e688959ddaa9d51be7c" }, { "name": "RHSA-2017:2930", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:2930" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2017-7541", "datePublished": "2017-07-25T04:00:00", "dateReserved": "2017-04-05T00:00:00", "dateUpdated": "2024-08-05T16:04:11.990Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2017-14106 (GCVE-0-2017-14106)
Vulnerability from cvelistv5
Published
2017-09-01 16:00
Modified
2024-08-05 19:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path.
References
URL | Tags | |||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T19:20:39.873Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2017:3200", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:3200" }, { "name": "SUSE-SU-2018:0011", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html" }, { "name": "RHSA-2017:2918", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2918" }, { "name": "RHSA-2017:2931", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2931" }, { "name": "100878", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/100878" }, { "name": "DSA-3981", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2017/dsa-3981" }, { "name": "RHSA-2018:2172", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:2172" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/torvalds/linux/commit/499350a5a6e7512d9ed369ed63a4244b6536f4f8" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=499350a5a6e7512d9ed369ed63a4244b6536f4f8" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.mail-archive.com/netdev%40vger.kernel.org/msg186255.html" }, { "name": "RHSA-2017:2930", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2930" }, { "name": "1039549", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1039549" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-09-01T00:00:00", "descriptions": [ { "lang": "en", "value": "The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-07-12T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2017:3200", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:3200" }, { "name": "SUSE-SU-2018:0011", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html" }, { "name": "RHSA-2017:2918", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:2918" }, { "name": "RHSA-2017:2931", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:2931" }, { "name": "100878", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/100878" }, { "name": "DSA-3981", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2017/dsa-3981" }, { "name": "RHSA-2018:2172", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:2172" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/torvalds/linux/commit/499350a5a6e7512d9ed369ed63a4244b6536f4f8" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=499350a5a6e7512d9ed369ed63a4244b6536f4f8" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.mail-archive.com/netdev%40vger.kernel.org/msg186255.html" }, { "name": "RHSA-2017:2930", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:2930" }, { "name": "1039549", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1039549" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-14106", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2017:3200", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:3200" }, { "name": "SUSE-SU-2018:0011", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html" }, { "name": "RHSA-2017:2918", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2918" }, { "name": "RHSA-2017:2931", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2931" }, { "name": "100878", "refsource": "BID", "url": "http://www.securityfocus.com/bid/100878" }, { "name": "DSA-3981", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2017/dsa-3981" }, { "name": "RHSA-2018:2172", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2172" }, { "name": "https://github.com/torvalds/linux/commit/499350a5a6e7512d9ed369ed63a4244b6536f4f8", "refsource": "CONFIRM", "url": "https://github.com/torvalds/linux/commit/499350a5a6e7512d9ed369ed63a4244b6536f4f8" }, { "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=499350a5a6e7512d9ed369ed63a4244b6536f4f8", "refsource": "CONFIRM", "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=499350a5a6e7512d9ed369ed63a4244b6536f4f8" }, { "name": "https://www.mail-archive.com/netdev@vger.kernel.org/msg186255.html", "refsource": "CONFIRM", "url": "https://www.mail-archive.com/netdev@vger.kernel.org/msg186255.html" }, { "name": "RHSA-2017:2930", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2930" }, { "name": "1039549", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039549" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-14106", "datePublished": "2017-09-01T16:00:00", "dateReserved": "2017-09-01T00:00:00", "dateUpdated": "2024-08-05T19:20:39.873Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2017-11176 (GCVE-0-2017-11176)
Vulnerability from cvelistv5
Published
2017-07-11 23:00
Modified
2024-08-05 17:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact.
References
URL | Tags | |||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T17:57:57.680Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-3927", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2017/dsa-3927" }, { "name": "RHSA-2018:0169", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:0169" }, { "name": "RHSA-2017:2918", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2918" }, { "name": "RHSA-2017:2931", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2931" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0" }, { "name": "99919", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/99919" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/torvalds/linux/commit/f991af3daabaecff34684fd51fac80319d1baad1" }, { "name": "DSA-3945", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2017/dsa-3945" }, { "name": "45553", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/45553/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f991af3daabaecff34684fd51fac80319d1baad1" }, { "name": "RHSA-2018:3822", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:3822" }, { "name": "RHSA-2017:2930", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2930" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-07-11T00:00:00", "descriptions": [ { "lang": "en", "value": "The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-12-13T10:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "DSA-3927", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2017/dsa-3927" }, { "name": "RHSA-2018:0169", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:0169" }, { "name": "RHSA-2017:2918", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:2918" }, { "name": "RHSA-2017:2931", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:2931" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0" }, { "name": "99919", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/99919" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/torvalds/linux/commit/f991af3daabaecff34684fd51fac80319d1baad1" }, { "name": "DSA-3945", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2017/dsa-3945" }, { "name": "45553", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/45553/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f991af3daabaecff34684fd51fac80319d1baad1" }, { "name": "RHSA-2018:3822", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:3822" }, { "name": "RHSA-2017:2930", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:2930" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-11176", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "DSA-3927", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2017/dsa-3927" }, { "name": "RHSA-2018:0169", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0169" }, { "name": "RHSA-2017:2918", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2918" }, { "name": "RHSA-2017:2931", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2931" }, { "name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0", "refsource": "CONFIRM", "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0" }, { "name": "99919", "refsource": "BID", "url": "http://www.securityfocus.com/bid/99919" }, { "name": "https://github.com/torvalds/linux/commit/f991af3daabaecff34684fd51fac80319d1baad1", "refsource": "CONFIRM", "url": "https://github.com/torvalds/linux/commit/f991af3daabaecff34684fd51fac80319d1baad1" }, { "name": "DSA-3945", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2017/dsa-3945" }, { "name": "45553", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/45553/" }, { "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f991af3daabaecff34684fd51fac80319d1baad1", "refsource": "CONFIRM", "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f991af3daabaecff34684fd51fac80319d1baad1" }, { "name": "RHSA-2018:3822", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:3822" }, { "name": "RHSA-2017:2930", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2930" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-11176", "datePublished": "2017-07-11T23:00:00", "dateReserved": "2017-07-11T00:00:00", "dateUpdated": "2024-08-05T17:57:57.680Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2017-14340 (GCVE-0-2017-14340)
Vulnerability from cvelistv5
Published
2017-09-15 11:00
Modified
2024-08-05 19:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The XFS_IS_REALTIME_INODE macro in fs/xfs/xfs_linux.h in the Linux kernel before 4.13.2 does not verify that a filesystem has a realtime device, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via vectors related to setting an RHINHERIT flag on a directory.
References
URL | Tags | |||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T19:20:41.477Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "100851", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/100851" }, { "name": "RHSA-2017:2918", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2918" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1491344" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/torvalds/linux/commit/b31ff3cdf540110da4572e3e29bd172087af65cc" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b31ff3cdf540110da4572e3e29bd172087af65cc" }, { "name": "DSA-3981", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2017/dsa-3981" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://seclists.org/oss-sec/2017/q3/436" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-09-15T00:00:00", "descriptions": [ { "lang": "en", "value": "The XFS_IS_REALTIME_INODE macro in fs/xfs/xfs_linux.h in the Linux kernel before 4.13.2 does not verify that a filesystem has a realtime device, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via vectors related to setting an RHINHERIT flag on a directory." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-12-06T10:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "100851", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/100851" }, { "name": "RHSA-2017:2918", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:2918" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1491344" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/torvalds/linux/commit/b31ff3cdf540110da4572e3e29bd172087af65cc" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b31ff3cdf540110da4572e3e29bd172087af65cc" }, { "name": "DSA-3981", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2017/dsa-3981" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://seclists.org/oss-sec/2017/q3/436" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-14340", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The XFS_IS_REALTIME_INODE macro in fs/xfs/xfs_linux.h in the Linux kernel before 4.13.2 does not verify that a filesystem has a realtime device, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via vectors related to setting an RHINHERIT flag on a directory." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "100851", "refsource": "BID", "url": "http://www.securityfocus.com/bid/100851" }, { "name": "RHSA-2017:2918", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2918" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1491344", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1491344" }, { "name": "https://github.com/torvalds/linux/commit/b31ff3cdf540110da4572e3e29bd172087af65cc", "refsource": "CONFIRM", "url": "https://github.com/torvalds/linux/commit/b31ff3cdf540110da4572e3e29bd172087af65cc" }, { "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b31ff3cdf540110da4572e3e29bd172087af65cc", "refsource": "CONFIRM", "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b31ff3cdf540110da4572e3e29bd172087af65cc" }, { "name": "DSA-3981", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2017/dsa-3981" }, { "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.2", "refsource": "CONFIRM", "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.2" }, { "name": "http://seclists.org/oss-sec/2017/q3/436", "refsource": "CONFIRM", "url": "http://seclists.org/oss-sec/2017/q3/436" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-14340", "datePublished": "2017-09-15T11:00:00", "dateReserved": "2017-09-12T00:00:00", "dateUpdated": "2024-08-05T19:20:41.477Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2016-8399 (GCVE-0-2016-8399)
Vulnerability from cvelistv5
Published
2017-01-12 15:00
Modified
2024-08-06 02:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Elevation of privilege
Summary
An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31349935.
References
URL | Tags | ||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Google Inc. | Android |
Version: Kernel-3.10 Version: Kernel-3.18 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T02:20:31.231Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2016-12-01.html" }, { "name": "RHSA-2017:2931", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2931" }, { "name": "94708", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/94708" }, { "name": "RHSA-2017:0817", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0817.html" }, { "name": "RHSA-2017:0869", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:0869" }, { "name": "RHSA-2017:2930", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2930" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.f5.com/csp/article/K23030550?utm_source=f5support\u0026amp%3Butm_medium=RSS" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Kernel-3.10" }, { "status": "affected", "version": "Kernel-3.18" } ] } ], "datePublic": "2016-12-05T00:00:00", "descriptions": [ { "lang": "en", "value": "An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31349935." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-10-09T19:07:21", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2016-12-01.html" }, { "name": "RHSA-2017:2931", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:2931" }, { "name": "94708", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/94708" }, { "name": "RHSA-2017:0817", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0817.html" }, { "name": "RHSA-2017:0869", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:0869" }, { "name": "RHSA-2017:2930", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:2930" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.f5.com/csp/article/K23030550?utm_source=f5support\u0026amp%3Butm_medium=RSS" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2016-8399", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Kernel-3.10" }, { "version_value": "Kernel-3.18" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31349935." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Elevation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2016-12-01.html", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2016-12-01.html" }, { "name": "RHSA-2017:2931", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2931" }, { "name": "94708", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94708" }, { "name": "RHSA-2017:0817", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0817.html" }, { "name": "RHSA-2017:0869", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:0869" }, { "name": "RHSA-2017:2930", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2930" }, { "name": "https://support.f5.com/csp/article/K23030550?utm_source=f5support\u0026amp;utm_medium=RSS", "refsource": "CONFIRM", "url": "https://support.f5.com/csp/article/K23030550?utm_source=f5support\u0026amp;utm_medium=RSS" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2016-8399", "datePublished": "2017-01-12T15:00:00", "dateReserved": "2016-10-05T00:00:00", "dateUpdated": "2024-08-06T02:20:31.231Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2017-7542 (GCVE-0-2017-7542)
Vulnerability from cvelistv5
Published
2017-07-21 16:00
Modified
2024-08-05 16:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket.
References
URL | Tags | |||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Linux kernel versions up to and including 4.12 |
Version: Linux kernel versions up to and including 4.12 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T16:04:11.869Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-3927", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2017/dsa-3927" }, { "name": "RHSA-2018:0169", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:0169" }, { "name": "USN-3583-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3583-2/" }, { "name": "RHSA-2017:2918", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2918" }, { "name": "RHSA-2017:2931", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2931" }, { "name": "99953", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/99953" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0" }, { "name": "USN-3583-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3583-1/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6399f1fae4ec29fab5ec76070435555e256ca3a6" }, { "name": "DSA-3945", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2017/dsa-3945" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/torvalds/linux/commit/6399f1fae4ec29fab5ec76070435555e256ca3a6" }, { "name": "RHSA-2017:2930", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2930" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Linux kernel versions up to and including 4.12", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Linux kernel versions up to and including 4.12" } ] } ], "datePublic": "2017-07-21T00:00:00", "descriptions": [ { "lang": "en", "value": "The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-190", "description": "CWE-190", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2018-11-30T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "DSA-3927", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2017/dsa-3927" }, { "name": "RHSA-2018:0169", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:0169" }, { "name": "USN-3583-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3583-2/" }, { "name": "RHSA-2017:2918", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:2918" }, { "name": "RHSA-2017:2931", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:2931" }, { "name": "99953", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/99953" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0" }, { "name": "USN-3583-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3583-1/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6399f1fae4ec29fab5ec76070435555e256ca3a6" }, { "name": "DSA-3945", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2017/dsa-3945" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/torvalds/linux/commit/6399f1fae4ec29fab5ec76070435555e256ca3a6" }, { "name": "RHSA-2017:2930", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:2930" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2017-7542", "datePublished": "2017-07-21T16:00:00", "dateReserved": "2017-04-05T00:00:00", "dateUpdated": "2024-08-05T16:04:11.869Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2017-7558 (GCVE-0-2017-7558)
Vulnerability from cvelistv5
Published
2018-07-26 15:00
Modified
2024-08-05 16:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A kernel data leak due to an out-of-bound read was found in the Linux kernel in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info() functions present since version 4.7-rc1 through version 4.13. A data leak happens when these functions fill in sockaddr data structures used to export socket's diagnostic information. As a result, up to 100 bytes of the slab data could be leaked to a userspace.
References
URL | Tags | ||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T16:04:12.011Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "[linux-netdev] 20170823 [PATCH net] sctp: Avoid out-of-bounds reads from address storage", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://marc.info/?l=linux-netdev\u0026m=150348777122761\u0026w=2" }, { "name": "RHSA-2017:2918", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2918" }, { "name": "RHSA-2017:2931", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2931" }, { "name": "100466", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/100466" }, { "name": "[oss-security] 20170823 CVE-2017-7558: Linux kernel: sctp: out-of-bounds read in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info()", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://seclists.org/oss-sec/2017/q3/338" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7558" }, { "name": "1039221", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1039221" }, { "name": "DSA-3981", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2017/dsa-3981" }, { "name": "RHSA-2017:2930", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2930" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "kernel", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.7-rc1 through 4.13" } ] } ], "datePublic": "2017-08-23T00:00:00", "descriptions": [ { "lang": "en", "value": "A kernel data leak due to an out-of-bound read was found in the Linux kernel in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info() functions present since version 4.7-rc1 through version 4.13. A data leak happens when these functions fill in sockaddr data structures used to export socket\u0027s diagnostic information. As a result, up to 100 bytes of the slab data could be leaked to a userspace." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2018-07-27T09:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "[linux-netdev] 20170823 [PATCH net] sctp: Avoid out-of-bounds reads from address storage", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://marc.info/?l=linux-netdev\u0026m=150348777122761\u0026w=2" }, { "name": "RHSA-2017:2918", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:2918" }, { "name": "RHSA-2017:2931", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:2931" }, { "name": "100466", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/100466" }, { "name": "[oss-security] 20170823 CVE-2017-7558: Linux kernel: sctp: out-of-bounds read in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info()", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://seclists.org/oss-sec/2017/q3/338" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7558" }, { "name": "1039221", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1039221" }, { "name": "DSA-3981", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2017/dsa-3981" }, { "name": "RHSA-2017:2930", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:2930" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2017-7558", "datePublished": "2018-07-26T15:00:00", "dateReserved": "2017-04-05T00:00:00", "dateUpdated": "2024-08-05T16:04:12.011Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…