certfr_avis - certfr-2018-avi-147

Vendor	Product	Description
SUSE	N/A	SUSE Linux Enterprise High Availability 12-SP2 et 12-SP3
SUSE	SUSE Linux Enterprise Desktop	SUSE Linux Enterprise Desktop 12-SP2 et 12-SP3
SUSE	N/A	OpenStack Cloud Magnum Orchestration 7
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server pour Raspberry Pi 12-SP2
SUSE	N/A	SUSE Linux Enterprise Workstation Extension 12-SP2 et 12-SP3
SUSE	N/A	SUSE CaaS Platform ALL
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server 12-SP2 et 12-SP3
SUSE	SUSE Linux Enterprise Live Patching	SUSE Linux Enterprise Live Patching 12 et 12-SP3
SUSE	N/A	SUSE Linux Enterprise Software Development Kit 12-SP2 et 12-SP3

CVE-2017-18208 (GCVE-0-2017-18208)

Vulnerability from cvelistv5

Published

2018-03-01 05:00

Modified

2024-08-05 21:13

Severity ?

CWE

n/a

Summary

The madvise_willneed function in mm/madvise.c in the Linux kernel before 4.14.4 allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping.

References

URL

Tags

	https://access.redhat.com/errata/RHSA-2018:3083	vendor-advisory, x_refsource_REDHAT
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6ea8d958a2c95a1d514015d4e29ba21a8c0a1a91	x_refsource_MISC
	https://usn.ubuntu.com/3619-2/	vendor-advisory, x_refsource_UBUNTU
	https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.4	x_refsource_MISC
	https://access.redhat.com/errata/RHSA-2018:2948	vendor-advisory, x_refsource_REDHAT
	https://usn.ubuntu.com/3653-2/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3655-1/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3655-2/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3653-1/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3657-1/	vendor-advisory, x_refsource_UBUNTU
	https://access.redhat.com/errata/RHSA-2018:3096	vendor-advisory, x_refsource_REDHAT
	https://github.com/torvalds/linux/commit/6ea8d958a2c95a1d514015d4e29ba21a8c0a1a91	x_refsource_MISC
	https://usn.ubuntu.com/3619-1/	vendor-advisory, x_refsource_UBUNTU
	https://access.redhat.com/errata/RHSA-2019:3967	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2019:4058	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2019:4057	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:13:49.223Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2018:3083",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3083"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6ea8d958a2c95a1d514015d4e29ba21a8c0a1a91"
          },
          {
            "name": "USN-3619-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3619-2/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.4"
          },
          {
            "name": "RHSA-2018:2948",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2948"
          },
          {
            "name": "USN-3653-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3653-2/"
          },
          {
            "name": "USN-3655-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3655-1/"
          },
          {
            "name": "USN-3655-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3655-2/"
          },
          {
            "name": "USN-3653-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3653-1/"
          },
          {
            "name": "USN-3657-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3657-1/"
          },
          {
            "name": "RHSA-2018:3096",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3096"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/6ea8d958a2c95a1d514015d4e29ba21a8c0a1a91"
          },
          {
            "name": "USN-3619-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3619-1/"
          },
          {
            "name": "RHSA-2019:3967",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:3967"
          },
          {
            "name": "RHSA-2019:4058",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:4058"
          },
          {
            "name": "RHSA-2019:4057",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:4057"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-02-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The madvise_willneed function in mm/madvise.c in the Linux kernel before 4.14.4 allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-12-03T11:06:09",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2018:3083",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3083"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6ea8d958a2c95a1d514015d4e29ba21a8c0a1a91"
        },
        {
          "name": "USN-3619-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3619-2/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.4"
        },
        {
          "name": "RHSA-2018:2948",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2948"
        },
        {
          "name": "USN-3653-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3653-2/"
        },
        {
          "name": "USN-3655-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3655-1/"
        },
        {
          "name": "USN-3655-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3655-2/"
        },
        {
          "name": "USN-3653-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3653-1/"
        },
        {
          "name": "USN-3657-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3657-1/"
        },
        {
          "name": "RHSA-2018:3096",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3096"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/torvalds/linux/commit/6ea8d958a2c95a1d514015d4e29ba21a8c0a1a91"
        },
        {
          "name": "USN-3619-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3619-1/"
        },
        {
          "name": "RHSA-2019:3967",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:3967"
        },
        {
          "name": "RHSA-2019:4058",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:4058"
        },
        {
          "name": "RHSA-2019:4057",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:4057"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-18208",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The madvise_willneed function in mm/madvise.c in the Linux kernel before 4.14.4 allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2018:3083",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3083"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6ea8d958a2c95a1d514015d4e29ba21a8c0a1a91",
              "refsource": "MISC",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6ea8d958a2c95a1d514015d4e29ba21a8c0a1a91"
            },
            {
              "name": "USN-3619-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3619-2/"
            },
            {
              "name": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.4",
              "refsource": "MISC",
              "url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.4"
            },
            {
              "name": "RHSA-2018:2948",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2948"
            },
            {
              "name": "USN-3653-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3653-2/"
            },
            {
              "name": "USN-3655-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3655-1/"
            },
            {
              "name": "USN-3655-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3655-2/"
            },
            {
              "name": "USN-3653-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3653-1/"
            },
            {
              "name": "USN-3657-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3657-1/"
            },
            {
              "name": "RHSA-2018:3096",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3096"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/6ea8d958a2c95a1d514015d4e29ba21a8c0a1a91",
              "refsource": "MISC",
              "url": "https://github.com/torvalds/linux/commit/6ea8d958a2c95a1d514015d4e29ba21a8c0a1a91"
            },
            {
              "name": "USN-3619-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3619-1/"
            },
            {
              "name": "RHSA-2019:3967",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:3967"
            },
            {
              "name": "RHSA-2019:4058",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:4058"
            },
            {
              "name": "RHSA-2019:4057",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:4057"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-18208",
    "datePublished": "2018-03-01T05:00:00",
    "dateReserved": "2018-02-28T00:00:00",
    "dateUpdated": "2024-08-05T21:13:49.223Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-1068 (GCVE-0-2018-1068)

Vulnerability from cvelistv5

Published

2018-03-16 16:00

Modified

2024-09-16 16:13

Severity ?

CWE

CWE-119

Summary

A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.

References

URL

Tags

	https://www.debian.org/security/2018/dsa-4187	vendor-advisory, x_refsource_DEBIAN
	https://usn.ubuntu.com/3654-1/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3674-1/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3677-1/	vendor-advisory, x_refsource_UBUNTU
	https://bugzilla.redhat.com/show_bug.cgi?id=1552048	x_refsource_CONFIRM
	https://www.debian.org/security/2018/dsa-4188	vendor-advisory, x_refsource_DEBIAN
	https://marc.info/?l=linux-netdev&m=152023808817590&w=2	mailing-list, x_refsource_MLIST
	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b71812168571fa55e44cdd0254471331b9c4c4c6	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/b71812168571fa55e44cdd0254471331b9c4c4c6	x_refsource_CONFIRM
	https://usn.ubuntu.com/3674-2/	vendor-advisory, x_refsource_UBUNTU
	https://access.redhat.com/errata/RHSA-2018:1355	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:2948	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/103459	vdb-entry, x_refsource_BID
	https://access.redhat.com/errata/RHSA-2018:1318	vendor-advisory, x_refsource_REDHAT
	https://usn.ubuntu.com/3677-2/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3654-2/	vendor-advisory, x_refsource_UBUNTU
	https://marc.info/?l=linux-netdev&m=152025888924151&w=2	mailing-list, x_refsource_MLIST
	https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html	mailing-list, x_refsource_MLIST
	https://usn.ubuntu.com/3656-1/	vendor-advisory, x_refsource_UBUNTU
	https://access.redhat.com/errata/RHSA-2019:1170	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2019:1190	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2019:4159	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	Linux Kernel Organization, Inc.	Linux Kernel	Version: 4.x

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:51:47.340Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-4187",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4187"
          },
          {
            "name": "USN-3654-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3654-1/"
          },
          {
            "name": "USN-3674-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3674-1/"
          },
          {
            "name": "USN-3677-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3677-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552048"
          },
          {
            "name": "DSA-4188",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4188"
          },
          {
            "name": "[linux-netdev] 20180305 BUG: unable to handle kernel paging request in compat_copy_entries",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://marc.info/?l=linux-netdev\u0026m=152023808817590\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b71812168571fa55e44cdd0254471331b9c4c4c6"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/b71812168571fa55e44cdd0254471331b9c4c4c6"
          },
          {
            "name": "USN-3674-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3674-2/"
          },
          {
            "name": "RHSA-2018:1355",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1355"
          },
          {
            "name": "RHSA-2018:2948",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2948"
          },
          {
            "name": "103459",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/103459"
          },
          {
            "name": "RHSA-2018:1318",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1318"
          },
          {
            "name": "USN-3677-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3677-2/"
          },
          {
            "name": "USN-3654-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3654-2/"
          },
          {
            "name": "[linux-netdev] 20180305 [PATCH net] netfilter: check for out-of-bounds while copying compat entries",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://marc.info/?l=linux-netdev\u0026m=152025888924151\u0026w=2"
          },
          {
            "name": "[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"
          },
          {
            "name": "USN-3656-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3656-1/"
          },
          {
            "name": "RHSA-2019:1170",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1170"
          },
          {
            "name": "RHSA-2019:1190",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1190"
          },
          {
            "name": "RHSA-2019:4159",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:4159"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Linux Kernel",
          "vendor": "Linux Kernel Organization, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "4.x"
            }
          ]
        }
      ],
      "datePublic": "2018-03-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the Linux 4.x kernel\u0027s implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "CWE-119",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-12-10T15:06:12",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "DSA-4187",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4187"
        },
        {
          "name": "USN-3654-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3654-1/"
        },
        {
          "name": "USN-3674-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3674-1/"
        },
        {
          "name": "USN-3677-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3677-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552048"
        },
        {
          "name": "DSA-4188",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4188"
        },
        {
          "name": "[linux-netdev] 20180305 BUG: unable to handle kernel paging request in compat_copy_entries",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://marc.info/?l=linux-netdev\u0026m=152023808817590\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b71812168571fa55e44cdd0254471331b9c4c4c6"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/b71812168571fa55e44cdd0254471331b9c4c4c6"
        },
        {
          "name": "USN-3674-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3674-2/"
        },
        {
          "name": "RHSA-2018:1355",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1355"
        },
        {
          "name": "RHSA-2018:2948",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2948"
        },
        {
          "name": "103459",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/103459"
        },
        {
          "name": "RHSA-2018:1318",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1318"
        },
        {
          "name": "USN-3677-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3677-2/"
        },
        {
          "name": "USN-3654-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3654-2/"
        },
        {
          "name": "[linux-netdev] 20180305 [PATCH net] netfilter: check for out-of-bounds while copying compat entries",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://marc.info/?l=linux-netdev\u0026m=152025888924151\u0026w=2"
        },
        {
          "name": "[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"
        },
        {
          "name": "USN-3656-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3656-1/"
        },
        {
          "name": "RHSA-2019:1170",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1170"
        },
        {
          "name": "RHSA-2019:1190",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1190"
        },
        {
          "name": "RHSA-2019:4159",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:4159"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "DATE_PUBLIC": "2018-03-05T00:00:00",
          "ID": "CVE-2018-1068",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Linux Kernel",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "4.x"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Linux Kernel Organization, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A flaw was found in the Linux 4.x kernel\u0027s implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-4187",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4187"
            },
            {
              "name": "USN-3654-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3654-1/"
            },
            {
              "name": "USN-3674-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3674-1/"
            },
            {
              "name": "USN-3677-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3677-1/"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1552048",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552048"
            },
            {
              "name": "DSA-4188",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4188"
            },
            {
              "name": "[linux-netdev] 20180305 BUG: unable to handle kernel paging request in compat_copy_entries",
              "refsource": "MLIST",
              "url": "https://marc.info/?l=linux-netdev\u0026m=152023808817590\u0026w=2"
            },
            {
              "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b71812168571fa55e44cdd0254471331b9c4c4c6",
              "refsource": "CONFIRM",
              "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b71812168571fa55e44cdd0254471331b9c4c4c6"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/b71812168571fa55e44cdd0254471331b9c4c4c6",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/b71812168571fa55e44cdd0254471331b9c4c4c6"
            },
            {
              "name": "USN-3674-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3674-2/"
            },
            {
              "name": "RHSA-2018:1355",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1355"
            },
            {
              "name": "RHSA-2018:2948",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2948"
            },
            {
              "name": "103459",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/103459"
            },
            {
              "name": "RHSA-2018:1318",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1318"
            },
            {
              "name": "USN-3677-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3677-2/"
            },
            {
              "name": "USN-3654-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3654-2/"
            },
            {
              "name": "[linux-netdev] 20180305 [PATCH net] netfilter: check for out-of-bounds while copying compat entries",
              "refsource": "MLIST",
              "url": "https://marc.info/?l=linux-netdev\u0026m=152025888924151\u0026w=2"
            },
            {
              "name": "[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"
            },
            {
              "name": "USN-3656-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3656-1/"
            },
            {
              "name": "RHSA-2019:1170",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1170"
            },
            {
              "name": "RHSA-2019:1190",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1190"
            },
            {
              "name": "RHSA-2019:4159",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:4159"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2018-1068",
    "datePublished": "2018-03-16T16:00:00Z",
    "dateReserved": "2017-12-04T00:00:00",
    "dateUpdated": "2024-09-16T16:13:09.145Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-18174 (GCVE-0-2017-18174)

Vulnerability from cvelistv5

Published

2018-02-11 18:00

Modified

2024-08-05 21:13

Severity ?

CWE

n/a

Summary

In the Linux kernel before 4.7, the amd_gpio_remove function in drivers/pinctrl/pinctrl-amd.c calls the pinctrl_unregister function, leading to a double free.

References

URL

Tags

	https://usn.ubuntu.com/3848-2/	vendor-advisory, x_refsource_UBUNTU
	https://github.com/torvalds/linux/commit/8dca4a41f1ad65043a78c2338d9725f859c8d2c3	x_refsource_MISC
	https://usn.ubuntu.com/3848-1/	vendor-advisory, x_refsource_UBUNTU
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8dca4a41f1ad65043a78c2338d9725f859c8d2c3	x_refsource_MISC
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=251e22abde21833b3d29577e4d8c7aaccd650eee	x_refsource_MISC
	https://github.com/torvalds/linux/commit/251e22abde21833b3d29577e4d8c7aaccd650eee	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:13:49.007Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3848-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3848-2/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/8dca4a41f1ad65043a78c2338d9725f859c8d2c3"
          },
          {
            "name": "USN-3848-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3848-1/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8dca4a41f1ad65043a78c2338d9725f859c8d2c3"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=251e22abde21833b3d29577e4d8c7aaccd650eee"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/251e22abde21833b3d29577e4d8c7aaccd650eee"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-02-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel before 4.7, the amd_gpio_remove function in drivers/pinctrl/pinctrl-amd.c calls the pinctrl_unregister function, leading to a double free."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-12-21T10:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3848-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3848-2/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/torvalds/linux/commit/8dca4a41f1ad65043a78c2338d9725f859c8d2c3"
        },
        {
          "name": "USN-3848-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3848-1/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8dca4a41f1ad65043a78c2338d9725f859c8d2c3"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=251e22abde21833b3d29577e4d8c7aaccd650eee"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/torvalds/linux/commit/251e22abde21833b3d29577e4d8c7aaccd650eee"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-18174",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In the Linux kernel before 4.7, the amd_gpio_remove function in drivers/pinctrl/pinctrl-amd.c calls the pinctrl_unregister function, leading to a double free."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3848-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3848-2/"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/8dca4a41f1ad65043a78c2338d9725f859c8d2c3",
              "refsource": "MISC",
              "url": "https://github.com/torvalds/linux/commit/8dca4a41f1ad65043a78c2338d9725f859c8d2c3"
            },
            {
              "name": "USN-3848-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3848-1/"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8dca4a41f1ad65043a78c2338d9725f859c8d2c3",
              "refsource": "MISC",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8dca4a41f1ad65043a78c2338d9725f859c8d2c3"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=251e22abde21833b3d29577e4d8c7aaccd650eee",
              "refsource": "MISC",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=251e22abde21833b3d29577e4d8c7aaccd650eee"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/251e22abde21833b3d29577e4d8c7aaccd650eee",
              "refsource": "MISC",
              "url": "https://github.com/torvalds/linux/commit/251e22abde21833b3d29577e4d8c7aaccd650eee"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-18174",
    "datePublished": "2018-02-11T18:00:00",
    "dateReserved": "2018-02-11T00:00:00",
    "dateUpdated": "2024-08-05T21:13:49.007Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-15951 (GCVE-0-2017-15951)

Vulnerability from cvelistv5

Published

2017-10-28 02:00

Modified

2024-08-05 20:13

Severity ?

CWE

n/a

Summary

The KEYS subsystem in the Linux kernel before 4.13.10 does not correctly synchronize the actions of updating versus finding a key in the "negative" state to avoid a race condition, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls.

References

URL

Tags

	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=363b02dab09b3226f3bd1420dad9c72b79a42a76	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/363b02dab09b3226f3bd1420dad9c72b79a42a76	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/101621	vdb-entry, x_refsource_BID
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.10	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T20:13:06.206Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=363b02dab09b3226f3bd1420dad9c72b79a42a76"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/363b02dab09b3226f3bd1420dad9c72b79a42a76"
          },
          {
            "name": "101621",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/101621"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.10"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-10-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The KEYS subsystem in the Linux kernel before 4.13.10 does not correctly synchronize the actions of updating versus finding a key in the \"negative\" state to avoid a race condition, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-01T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=363b02dab09b3226f3bd1420dad9c72b79a42a76"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/363b02dab09b3226f3bd1420dad9c72b79a42a76"
        },
        {
          "name": "101621",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/101621"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.10"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-15951",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The KEYS subsystem in the Linux kernel before 4.13.10 does not correctly synchronize the actions of updating versus finding a key in the \"negative\" state to avoid a race condition, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=363b02dab09b3226f3bd1420dad9c72b79a42a76",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=363b02dab09b3226f3bd1420dad9c72b79a42a76"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/363b02dab09b3226f3bd1420dad9c72b79a42a76",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/363b02dab09b3226f3bd1420dad9c72b79a42a76"
            },
            {
              "name": "101621",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/101621"
            },
            {
              "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.10",
              "refsource": "CONFIRM",
              "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.10"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-15951",
    "datePublished": "2017-10-28T02:00:00",
    "dateReserved": "2017-10-27T00:00:00",
    "dateUpdated": "2024-08-05T20:13:06.206Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-16913 (GCVE-0-2017-16913)

Vulnerability from cvelistv5

Published

2018-01-31 22:00

Modified

2024-09-16 19:47

Severity ?

CWE

Denial of service (arbitrary memory allocation)

Summary

The "stub_recv_cmd_submit()" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 when handling CMD_SUBMIT packets allows attackers to cause a denial of service (arbitrary memory allocation) via a specially crafted USB over IP packet.

References

URL

Tags

	https://secuniaresearch.flexerasoftware.com/secunia_research/2017-21/	x_refsource_MISC
	https://www.debian.org/security/2018/dsa-4187	vendor-advisory, x_refsource_DEBIAN
	https://usn.ubuntu.com/3619-2/	vendor-advisory, x_refsource_UBUNTU
	https://secuniaresearch.flexerasoftware.com/advisories/80601/	x_refsource_MISC
	https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.114	x_refsource_MISC
	https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/drivers/usb/usbip?id=c6688ef9f29762e65bce325ef4acd6c675806366	x_refsource_MISC
	https://www.spinics.net/lists/linux-usb/msg163480.html	x_refsource_MISC
	https://usn.ubuntu.com/3754-1/	vendor-advisory, x_refsource_UBUNTU
	https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.8	x_refsource_MISC
	http://www.securityfocus.com/bid/102150	vdb-entry, x_refsource_BID
	https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.71	x_refsource_MISC
	https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html	mailing-list, x_refsource_MLIST
	https://usn.ubuntu.com/3619-1/	vendor-advisory, x_refsource_UBUNTU

Impacted products

	Vendor	Product	Version
	Flexera Software LLC	Linux Kernel	Version: Before version 4.14.8, 4.9.71, and 4.4.114

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T20:35:21.278Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2017-21/"
          },
          {
            "name": "DSA-4187",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4187"
          },
          {
            "name": "USN-3619-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3619-2/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://secuniaresearch.flexerasoftware.com/advisories/80601/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.114"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/drivers/usb/usbip?id=c6688ef9f29762e65bce325ef4acd6c675806366"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.spinics.net/lists/linux-usb/msg163480.html"
          },
          {
            "name": "USN-3754-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3754-1/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.8"
          },
          {
            "name": "102150",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102150"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.71"
          },
          {
            "name": "[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"
          },
          {
            "name": "USN-3619-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3619-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Linux Kernel",
          "vendor": "Flexera Software LLC",
          "versions": [
            {
              "status": "affected",
              "version": "Before version 4.14.8, 4.9.71, and 4.4.114"
            }
          ]
        }
      ],
      "datePublic": "2018-01-31T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The \"stub_recv_cmd_submit()\" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 when handling CMD_SUBMIT packets allows attackers to cause a denial of service (arbitrary memory allocation) via a specially crafted USB over IP packet."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of service (arbitrary memory allocation)",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-08-24T09:57:01",
        "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
        "shortName": "flexera"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2017-21/"
        },
        {
          "name": "DSA-4187",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4187"
        },
        {
          "name": "USN-3619-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3619-2/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://secuniaresearch.flexerasoftware.com/advisories/80601/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.114"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/drivers/usb/usbip?id=c6688ef9f29762e65bce325ef4acd6c675806366"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.spinics.net/lists/linux-usb/msg163480.html"
        },
        {
          "name": "USN-3754-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3754-1/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.8"
        },
        {
          "name": "102150",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102150"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.71"
        },
        {
          "name": "[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"
        },
        {
          "name": "USN-3619-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3619-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
          "DATE_PUBLIC": "2018-01-31T00:00:00",
          "ID": "CVE-2017-16913",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Linux Kernel",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Before version 4.14.8, 4.9.71, and 4.4.114"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Flexera Software LLC"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The \"stub_recv_cmd_submit()\" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 when handling CMD_SUBMIT packets allows attackers to cause a denial of service (arbitrary memory allocation) via a specially crafted USB over IP packet."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of service (arbitrary memory allocation)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://secuniaresearch.flexerasoftware.com/secunia_research/2017-21/",
              "refsource": "MISC",
              "url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2017-21/"
            },
            {
              "name": "DSA-4187",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4187"
            },
            {
              "name": "USN-3619-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3619-2/"
            },
            {
              "name": "https://secuniaresearch.flexerasoftware.com/advisories/80601/",
              "refsource": "MISC",
              "url": "https://secuniaresearch.flexerasoftware.com/advisories/80601/"
            },
            {
              "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.114",
              "refsource": "MISC",
              "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.114"
            },
            {
              "name": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/drivers/usb/usbip?id=c6688ef9f29762e65bce325ef4acd6c675806366",
              "refsource": "MISC",
              "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/drivers/usb/usbip?id=c6688ef9f29762e65bce325ef4acd6c675806366"
            },
            {
              "name": "https://www.spinics.net/lists/linux-usb/msg163480.html",
              "refsource": "MISC",
              "url": "https://www.spinics.net/lists/linux-usb/msg163480.html"
            },
            {
              "name": "USN-3754-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3754-1/"
            },
            {
              "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.8",
              "refsource": "MISC",
              "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.8"
            },
            {
              "name": "102150",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102150"
            },
            {
              "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.71",
              "refsource": "MISC",
              "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.71"
            },
            {
              "name": "[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"
            },
            {
              "name": "USN-3619-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3619-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
    "assignerShortName": "flexera",
    "cveId": "CVE-2017-16913",
    "datePublished": "2018-01-31T22:00:00Z",
    "dateReserved": "2017-11-21T00:00:00",
    "dateUpdated": "2024-09-16T19:47:31.753Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-17975 (GCVE-0-2017-17975)

Vulnerability from cvelistv5

Published

2017-12-30 01:00

Modified

2024-08-05 21:06

Severity ?

CWE

n/a

Summary

Use-after-free in the usbtv_probe function in drivers/media/usb/usbtv/usbtv-core.c in the Linux kernel through 4.14.10 allows attackers to cause a denial of service (system crash) or possibly have unspecified other impact by triggering failure of audio registration, because a kfree of the usbtv data structure occurs during a usbtv_video_free call, but the usbtv_video_fail label's code attempts to both access and free this data structure.

References

URL

Tags

	http://www.securityfocus.com/bid/102330	vdb-entry, x_refsource_BID
	https://usn.ubuntu.com/3654-1/	vendor-advisory, x_refsource_UBUNTU
	http://linuxtesting.org/pipermail/ldv-project/2017-November/001008.html	x_refsource_MISC
	https://www.debian.org/security/2018/dsa-4188	vendor-advisory, x_refsource_DEBIAN
	https://usn.ubuntu.com/3653-2/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3654-2/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3656-1/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3653-1/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3657-1/	vendor-advisory, x_refsource_UBUNTU

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:06:49.896Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "102330",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102330"
          },
          {
            "name": "USN-3654-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3654-1/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://linuxtesting.org/pipermail/ldv-project/2017-November/001008.html"
          },
          {
            "name": "DSA-4188",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4188"
          },
          {
            "name": "USN-3653-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3653-2/"
          },
          {
            "name": "USN-3654-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3654-2/"
          },
          {
            "name": "USN-3656-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3656-1/"
          },
          {
            "name": "USN-3653-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3653-1/"
          },
          {
            "name": "USN-3657-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3657-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-12-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Use-after-free in the usbtv_probe function in drivers/media/usb/usbtv/usbtv-core.c in the Linux kernel through 4.14.10 allows attackers to cause a denial of service (system crash) or possibly have unspecified other impact by triggering failure of audio registration, because a kfree of the usbtv data structure occurs during a usbtv_video_free call, but the usbtv_video_fail label\u0027s code attempts to both access and free this data structure."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-05-23T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "102330",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102330"
        },
        {
          "name": "USN-3654-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3654-1/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://linuxtesting.org/pipermail/ldv-project/2017-November/001008.html"
        },
        {
          "name": "DSA-4188",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4188"
        },
        {
          "name": "USN-3653-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3653-2/"
        },
        {
          "name": "USN-3654-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3654-2/"
        },
        {
          "name": "USN-3656-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3656-1/"
        },
        {
          "name": "USN-3653-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3653-1/"
        },
        {
          "name": "USN-3657-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3657-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-17975",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Use-after-free in the usbtv_probe function in drivers/media/usb/usbtv/usbtv-core.c in the Linux kernel through 4.14.10 allows attackers to cause a denial of service (system crash) or possibly have unspecified other impact by triggering failure of audio registration, because a kfree of the usbtv data structure occurs during a usbtv_video_free call, but the usbtv_video_fail label\u0027s code attempts to both access and free this data structure."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "102330",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102330"
            },
            {
              "name": "USN-3654-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3654-1/"
            },
            {
              "name": "http://linuxtesting.org/pipermail/ldv-project/2017-November/001008.html",
              "refsource": "MISC",
              "url": "http://linuxtesting.org/pipermail/ldv-project/2017-November/001008.html"
            },
            {
              "name": "DSA-4188",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4188"
            },
            {
              "name": "USN-3653-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3653-2/"
            },
            {
              "name": "USN-3654-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3654-2/"
            },
            {
              "name": "USN-3656-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3656-1/"
            },
            {
              "name": "USN-3653-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3653-1/"
            },
            {
              "name": "USN-3657-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3657-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-17975",
    "datePublished": "2017-12-30T01:00:00",
    "dateReserved": "2017-12-29T00:00:00",
    "dateUpdated": "2024-08-05T21:06:49.896Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-8087 (GCVE-0-2018-8087)

Vulnerability from cvelistv5

Published

2018-03-13 06:00

Modified

2024-08-05 06:46

Severity ?

CWE

n/a

Summary

Memory leak in the hwsim_new_radio_nl function in drivers/net/wireless/mac80211_hwsim.c in the Linux kernel through 4.15.9 allows local users to cause a denial of service (memory consumption) by triggering an out-of-array error case.

References

URL

Tags

	https://usn.ubuntu.com/3676-1/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3678-2/	vendor-advisory, x_refsource_UBUNTU
	https://github.com/torvalds/linux/commit/0ddcff49b672239dda94d70d0fcf50317a9f4b51	x_refsource_MISC
	https://usn.ubuntu.com/3678-1/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3677-1/	vendor-advisory, x_refsource_UBUNTU
	http://www.securityfocus.com/bid/103397	vdb-entry, x_refsource_BID
	https://www.debian.org/security/2018/dsa-4188	vendor-advisory, x_refsource_DEBIAN
	https://usn.ubuntu.com/3678-3/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3677-2/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3676-2/	vendor-advisory, x_refsource_UBUNTU
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0ddcff49b672239dda94d70d0fcf50317a9f4b51	x_refsource_MISC
	https://usn.ubuntu.com/3678-4/	vendor-advisory, x_refsource_UBUNTU
	https://access.redhat.com/errata/RHSA-2019:2043	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2019:2029	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T06:46:13.153Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3676-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3676-1/"
          },
          {
            "name": "USN-3678-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3678-2/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/0ddcff49b672239dda94d70d0fcf50317a9f4b51"
          },
          {
            "name": "USN-3678-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3678-1/"
          },
          {
            "name": "USN-3677-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3677-1/"
          },
          {
            "name": "103397",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/103397"
          },
          {
            "name": "DSA-4188",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4188"
          },
          {
            "name": "USN-3678-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3678-3/"
          },
          {
            "name": "USN-3677-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3677-2/"
          },
          {
            "name": "USN-3676-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3676-2/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0ddcff49b672239dda94d70d0fcf50317a9f4b51"
          },
          {
            "name": "USN-3678-4",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3678-4/"
          },
          {
            "name": "RHSA-2019:2043",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:2043"
          },
          {
            "name": "RHSA-2019:2029",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:2029"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-03-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory leak in the hwsim_new_radio_nl function in drivers/net/wireless/mac80211_hwsim.c in the Linux kernel through 4.15.9 allows local users to cause a denial of service (memory consumption) by triggering an out-of-array error case."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-08-06T16:06:24",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3676-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3676-1/"
        },
        {
          "name": "USN-3678-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3678-2/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/torvalds/linux/commit/0ddcff49b672239dda94d70d0fcf50317a9f4b51"
        },
        {
          "name": "USN-3678-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3678-1/"
        },
        {
          "name": "USN-3677-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3677-1/"
        },
        {
          "name": "103397",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/103397"
        },
        {
          "name": "DSA-4188",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4188"
        },
        {
          "name": "USN-3678-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3678-3/"
        },
        {
          "name": "USN-3677-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3677-2/"
        },
        {
          "name": "USN-3676-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3676-2/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0ddcff49b672239dda94d70d0fcf50317a9f4b51"
        },
        {
          "name": "USN-3678-4",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3678-4/"
        },
        {
          "name": "RHSA-2019:2043",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:2043"
        },
        {
          "name": "RHSA-2019:2029",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:2029"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-8087",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Memory leak in the hwsim_new_radio_nl function in drivers/net/wireless/mac80211_hwsim.c in the Linux kernel through 4.15.9 allows local users to cause a denial of service (memory consumption) by triggering an out-of-array error case."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3676-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3676-1/"
            },
            {
              "name": "USN-3678-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3678-2/"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/0ddcff49b672239dda94d70d0fcf50317a9f4b51",
              "refsource": "MISC",
              "url": "https://github.com/torvalds/linux/commit/0ddcff49b672239dda94d70d0fcf50317a9f4b51"
            },
            {
              "name": "USN-3678-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3678-1/"
            },
            {
              "name": "USN-3677-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3677-1/"
            },
            {
              "name": "103397",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/103397"
            },
            {
              "name": "DSA-4188",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4188"
            },
            {
              "name": "USN-3678-3",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3678-3/"
            },
            {
              "name": "USN-3677-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3677-2/"
            },
            {
              "name": "USN-3676-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3676-2/"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0ddcff49b672239dda94d70d0fcf50317a9f4b51",
              "refsource": "MISC",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0ddcff49b672239dda94d70d0fcf50317a9f4b51"
            },
            {
              "name": "USN-3678-4",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3678-4/"
            },
            {
              "name": "RHSA-2019:2043",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:2043"
            },
            {
              "name": "RHSA-2019:2029",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:2029"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-8087",
    "datePublished": "2018-03-13T06:00:00",
    "dateReserved": "2018-03-13T00:00:00",
    "dateUpdated": "2024-08-05T06:46:13.153Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-1000026 (GCVE-0-2018-1000026)

Vulnerability from cvelistv5

Published

2018-02-09 23:00

Modified

2024-08-05 12:33

Severity ?

CWE

n/a

Summary

Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear to be exploitable via An attacker on a must pass a very large, specially crafted packet to the bnx2x card. This can be done from an untrusted guest VM..

References

URL

Tags

	https://access.redhat.com/errata/RHSA-2018:3083	vendor-advisory, x_refsource_REDHAT
	https://usn.ubuntu.com/3617-1/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3619-2/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3617-3/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3632-1/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3620-2/	vendor-advisory, x_refsource_UBUNTU
	https://access.redhat.com/errata/RHSA-2018:2948	vendor-advisory, x_refsource_REDHAT
	https://patchwork.ozlabs.org/patch/859410/	x_refsource_MISC
	http://lists.openwall.net/netdev/2018/01/16/40	mailing-list, x_refsource_MLIST
	https://usn.ubuntu.com/3617-2/	vendor-advisory, x_refsource_UBUNTU
	http://lists.openwall.net/netdev/2018/01/18/96	mailing-list, x_refsource_MLIST
	https://usn.ubuntu.com/3620-1/	vendor-advisory, x_refsource_UBUNTU
	https://access.redhat.com/errata/RHSA-2018:3096	vendor-advisory, x_refsource_REDHAT
	https://usn.ubuntu.com/3619-1/	vendor-advisory, x_refsource_UBUNTU
	https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T12:33:48.963Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2018:3083",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3083"
          },
          {
            "name": "USN-3617-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3617-1/"
          },
          {
            "name": "USN-3619-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3619-2/"
          },
          {
            "name": "USN-3617-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3617-3/"
          },
          {
            "name": "USN-3632-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3632-1/"
          },
          {
            "name": "USN-3620-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3620-2/"
          },
          {
            "name": "RHSA-2018:2948",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2948"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://patchwork.ozlabs.org/patch/859410/"
          },
          {
            "name": "[netdev] 20180116 http://lists.openwall.net/netdev/2018/01/16/40",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.openwall.net/netdev/2018/01/16/40"
          },
          {
            "name": "USN-3617-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3617-2/"
          },
          {
            "name": "[netdev] 20180118 http://lists.openwall.net/netdev/2018/01/18/96",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.openwall.net/netdev/2018/01/18/96"
          },
          {
            "name": "USN-3620-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3620-1/"
          },
          {
            "name": "RHSA-2018:3096",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3096"
          },
          {
            "name": "USN-3619-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3619-1/"
          },
          {
            "name": "[debian-lts-announce] 20190503 [SECURITY] [DLA 1771-1] linux-4.9 security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "dateAssigned": "2018-01-18T00:00:00",
      "datePublic": "2018-01-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear to be exploitable via An attacker on a must pass a very large, specially crafted packet to the bnx2x card. This can be done from an untrusted guest VM.."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-03T11:06:03",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2018:3083",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3083"
        },
        {
          "name": "USN-3617-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3617-1/"
        },
        {
          "name": "USN-3619-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3619-2/"
        },
        {
          "name": "USN-3617-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3617-3/"
        },
        {
          "name": "USN-3632-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3632-1/"
        },
        {
          "name": "USN-3620-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3620-2/"
        },
        {
          "name": "RHSA-2018:2948",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2948"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://patchwork.ozlabs.org/patch/859410/"
        },
        {
          "name": "[netdev] 20180116 http://lists.openwall.net/netdev/2018/01/16/40",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.openwall.net/netdev/2018/01/16/40"
        },
        {
          "name": "USN-3617-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3617-2/"
        },
        {
          "name": "[netdev] 20180118 http://lists.openwall.net/netdev/2018/01/18/96",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.openwall.net/netdev/2018/01/18/96"
        },
        {
          "name": "USN-3620-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3620-1/"
        },
        {
          "name": "RHSA-2018:3096",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3096"
        },
        {
          "name": "USN-3619-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3619-1/"
        },
        {
          "name": "[debian-lts-announce] 20190503 [SECURITY] [DLA 1771-1] linux-4.9 security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "DATE_ASSIGNED": "1/18/2018 7:01:42",
          "ID": "CVE-2018-1000026",
          "REQUESTER": "dja@axtens.net",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear to be exploitable via An attacker on a must pass a very large, specially crafted packet to the bnx2x card. This can be done from an untrusted guest VM.."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2018:3083",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3083"
            },
            {
              "name": "USN-3617-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3617-1/"
            },
            {
              "name": "USN-3619-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3619-2/"
            },
            {
              "name": "USN-3617-3",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3617-3/"
            },
            {
              "name": "USN-3632-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3632-1/"
            },
            {
              "name": "USN-3620-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3620-2/"
            },
            {
              "name": "RHSA-2018:2948",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2948"
            },
            {
              "name": "https://patchwork.ozlabs.org/patch/859410/",
              "refsource": "MISC",
              "url": "https://patchwork.ozlabs.org/patch/859410/"
            },
            {
              "name": "[netdev] 20180116 http://lists.openwall.net/netdev/2018/01/16/40",
              "refsource": "MLIST",
              "url": "http://lists.openwall.net/netdev/2018/01/16/40"
            },
            {
              "name": "USN-3617-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3617-2/"
            },
            {
              "name": "[netdev] 20180118 http://lists.openwall.net/netdev/2018/01/18/96",
              "refsource": "MLIST",
              "url": "http://lists.openwall.net/netdev/2018/01/18/96"
            },
            {
              "name": "USN-3620-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3620-1/"
            },
            {
              "name": "RHSA-2018:3096",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3096"
            },
            {
              "name": "USN-3619-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3619-1/"
            },
            {
              "name": "[debian-lts-announce] 20190503 [SECURITY] [DLA 1771-1] linux-4.9 security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-1000026",
    "datePublished": "2018-02-09T23:00:00",
    "dateReserved": "2018-01-29T00:00:00",
    "dateUpdated": "2024-08-05T12:33:48.963Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-13166 (GCVE-0-2017-13166)

Vulnerability from cvelistv5

Published

2017-12-06 14:00

Modified

2024-09-16 22:40

Severity ?

CWE

Elevation of privilege

Summary

An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167.

References

URL

Tags

	https://www.debian.org/security/2018/dsa-4187	vendor-advisory, x_refsource_DEBIAN
	https://www.debian.org/security/2018/dsa-4120	vendor-advisory, x_refsource_DEBIAN
	https://access.redhat.com/errata/RHSA-2018:1062	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:1319	vendor-advisory, x_refsource_REDHAT
	https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2018:2948	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:0676	vendor-advisory, x_refsource_REDHAT
	https://source.android.com/security/bulletin/pixel/2017-12-01	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2018:1170	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:1130	vendor-advisory, x_refsource_REDHAT
	https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	Google Inc.	Android	Version: Android kernel

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:58:12.550Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-4187",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4187"
          },
          {
            "name": "DSA-4120",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4120"
          },
          {
            "name": "RHSA-2018:1062",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1062"
          },
          {
            "name": "RHSA-2018:1319",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1319"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
          },
          {
            "name": "RHSA-2018:2948",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2948"
          },
          {
            "name": "RHSA-2018:0676",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:0676"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/pixel/2017-12-01"
          },
          {
            "name": "RHSA-2018:1170",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1170"
          },
          {
            "name": "RHSA-2018:1130",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1130"
          },
          {
            "name": "[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Android",
          "vendor": "Google Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "Android kernel"
            }
          ]
        }
      ],
      "datePublic": "2017-12-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Elevation of privilege",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-11-30T20:57:01",
        "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
        "shortName": "google_android"
      },
      "references": [
        {
          "name": "DSA-4187",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4187"
        },
        {
          "name": "DSA-4120",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4120"
        },
        {
          "name": "RHSA-2018:1062",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1062"
        },
        {
          "name": "RHSA-2018:1319",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1319"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
        },
        {
          "name": "RHSA-2018:2948",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2948"
        },
        {
          "name": "RHSA-2018:0676",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:0676"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://source.android.com/security/bulletin/pixel/2017-12-01"
        },
        {
          "name": "RHSA-2018:1170",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1170"
        },
        {
          "name": "RHSA-2018:1130",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1130"
        },
        {
          "name": "[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@android.com",
          "DATE_PUBLIC": "2017-12-04T00:00:00",
          "ID": "CVE-2017-13166",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Android",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Android kernel"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Google Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Elevation of privilege"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-4187",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4187"
            },
            {
              "name": "DSA-4120",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4120"
            },
            {
              "name": "RHSA-2018:1062",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1062"
            },
            {
              "name": "RHSA-2018:1319",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1319"
            },
            {
              "name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
              "refsource": "CONFIRM",
              "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
            },
            {
              "name": "RHSA-2018:2948",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2948"
            },
            {
              "name": "RHSA-2018:0676",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:0676"
            },
            {
              "name": "https://source.android.com/security/bulletin/pixel/2017-12-01",
              "refsource": "CONFIRM",
              "url": "https://source.android.com/security/bulletin/pixel/2017-12-01"
            },
            {
              "name": "RHSA-2018:1170",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1170"
            },
            {
              "name": "RHSA-2018:1130",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1130"
            },
            {
              "name": "[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
    "assignerShortName": "google_android",
    "cveId": "CVE-2017-13166",
    "datePublished": "2017-12-06T14:00:00Z",
    "dateReserved": "2017-08-23T00:00:00",
    "dateUpdated": "2024-09-16T22:40:26.567Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-16912 (GCVE-0-2017-16912)

Vulnerability from cvelistv5

Published

2018-01-31 22:00

Modified

2024-09-17 03:48

Severity ?

CWE

Denial of service (out-of-bounds read)

Summary

The "get_pipe()" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 allows attackers to cause a denial of service (out-of-bounds read) via a specially crafted USB over IP packet.

References

URL

Tags

	https://secuniaresearch.flexerasoftware.com/secunia_research/2017-21/	x_refsource_MISC
	https://www.debian.org/security/2018/dsa-4187	vendor-advisory, x_refsource_DEBIAN
	https://usn.ubuntu.com/3619-2/	vendor-advisory, x_refsource_UBUNTU
	https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.114	x_refsource_MISC
	https://www.spinics.net/lists/linux-usb/msg163480.html	x_refsource_MISC
	https://usn.ubuntu.com/3754-1/	vendor-advisory, x_refsource_UBUNTU
	https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.8	x_refsource_MISC
	https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/drivers/usb/usbip?id=635f545a7e8be7596b9b2b6a43cab6bbd5a88e43	x_refsource_MISC
	https://secuniaresearch.flexerasoftware.com/advisories/77000/	x_refsource_MISC
	http://www.securityfocus.com/bid/102150	vdb-entry, x_refsource_BID
	https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.71	x_refsource_MISC
	https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html	mailing-list, x_refsource_MLIST
	https://usn.ubuntu.com/3619-1/	vendor-advisory, x_refsource_UBUNTU

Impacted products

	Vendor	Product	Version
	Flexera Software LLC	Linux Kernel	Version: Before version 4.14.8, 4.9.71, and 4.4.114

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T20:35:21.315Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2017-21/"
          },
          {
            "name": "DSA-4187",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4187"
          },
          {
            "name": "USN-3619-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3619-2/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.114"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.spinics.net/lists/linux-usb/msg163480.html"
          },
          {
            "name": "USN-3754-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3754-1/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.8"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/drivers/usb/usbip?id=635f545a7e8be7596b9b2b6a43cab6bbd5a88e43"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://secuniaresearch.flexerasoftware.com/advisories/77000/"
          },
          {
            "name": "102150",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102150"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.71"
          },
          {
            "name": "[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"
          },
          {
            "name": "USN-3619-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3619-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Linux Kernel",
          "vendor": "Flexera Software LLC",
          "versions": [
            {
              "status": "affected",
              "version": "Before version 4.14.8, 4.9.71, and 4.4.114"
            }
          ]
        }
      ],
      "datePublic": "2018-01-31T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The \"get_pipe()\" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 allows attackers to cause a denial of service (out-of-bounds read) via a specially crafted USB over IP packet."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of service (out-of-bounds read)",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-08-24T09:57:01",
        "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
        "shortName": "flexera"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2017-21/"
        },
        {
          "name": "DSA-4187",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4187"
        },
        {
          "name": "USN-3619-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3619-2/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.114"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.spinics.net/lists/linux-usb/msg163480.html"
        },
        {
          "name": "USN-3754-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3754-1/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.8"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/drivers/usb/usbip?id=635f545a7e8be7596b9b2b6a43cab6bbd5a88e43"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://secuniaresearch.flexerasoftware.com/advisories/77000/"
        },
        {
          "name": "102150",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102150"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.71"
        },
        {
          "name": "[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"
        },
        {
          "name": "USN-3619-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3619-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
          "DATE_PUBLIC": "2018-01-31T00:00:00",
          "ID": "CVE-2017-16912",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Linux Kernel",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Before version 4.14.8, 4.9.71, and 4.4.114"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Flexera Software LLC"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The \"get_pipe()\" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 allows attackers to cause a denial of service (out-of-bounds read) via a specially crafted USB over IP packet."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of service (out-of-bounds read)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://secuniaresearch.flexerasoftware.com/secunia_research/2017-21/",
              "refsource": "MISC",
              "url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2017-21/"
            },
            {
              "name": "DSA-4187",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4187"
            },
            {
              "name": "USN-3619-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3619-2/"
            },
            {
              "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.114",
              "refsource": "MISC",
              "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.114"
            },
            {
              "name": "https://www.spinics.net/lists/linux-usb/msg163480.html",
              "refsource": "MISC",
              "url": "https://www.spinics.net/lists/linux-usb/msg163480.html"
            },
            {
              "name": "USN-3754-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3754-1/"
            },
            {
              "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.8",
              "refsource": "MISC",
              "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.8"
            },
            {
              "name": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/drivers/usb/usbip?id=635f545a7e8be7596b9b2b6a43cab6bbd5a88e43",
              "refsource": "MISC",
              "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/drivers/usb/usbip?id=635f545a7e8be7596b9b2b6a43cab6bbd5a88e43"
            },
            {
              "name": "https://secuniaresearch.flexerasoftware.com/advisories/77000/",
              "refsource": "MISC",
              "url": "https://secuniaresearch.flexerasoftware.com/advisories/77000/"
            },
            {
              "name": "102150",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102150"
            },
            {
              "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.71",
              "refsource": "MISC",
              "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.71"
            },
            {
              "name": "[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"
            },
            {
              "name": "USN-3619-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3619-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
    "assignerShortName": "flexera",
    "cveId": "CVE-2017-16912",
    "datePublished": "2018-01-31T22:00:00Z",
    "dateReserved": "2017-11-21T00:00:00",
    "dateUpdated": "2024-09-17T03:48:33.745Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-16644 (GCVE-0-2017-16644)

Vulnerability from cvelistv5

Published

2017-11-07 23:00

Modified

2024-08-05 20:27

Severity ?

CWE

n/a

Summary

The hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (improper error handling and system crash) or possibly have unspecified other impact via a crafted USB device.

References

URL

Tags

	https://groups.google.com/d/msg/syzkaller/ngC5SLvxPm4/gduhCARhAwAJ	x_refsource_MISC
	https://usn.ubuntu.com/3754-1/	vendor-advisory, x_refsource_UBUNTU
	https://patchwork.kernel.org/patch/9966135/	x_refsource_MISC
	https://www.debian.org/security/2017/dsa-4073	vendor-advisory, x_refsource_DEBIAN
	http://www.securityfocus.com/bid/101842	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T20:27:04.315Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://groups.google.com/d/msg/syzkaller/ngC5SLvxPm4/gduhCARhAwAJ"
          },
          {
            "name": "USN-3754-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3754-1/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://patchwork.kernel.org/patch/9966135/"
          },
          {
            "name": "DSA-4073",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4073"
          },
          {
            "name": "101842",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/101842"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-11-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (improper error handling and system crash) or possibly have unspecified other impact via a crafted USB device."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-08-24T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://groups.google.com/d/msg/syzkaller/ngC5SLvxPm4/gduhCARhAwAJ"
        },
        {
          "name": "USN-3754-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3754-1/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://patchwork.kernel.org/patch/9966135/"
        },
        {
          "name": "DSA-4073",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4073"
        },
        {
          "name": "101842",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/101842"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-16644",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (improper error handling and system crash) or possibly have unspecified other impact via a crafted USB device."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://groups.google.com/d/msg/syzkaller/ngC5SLvxPm4/gduhCARhAwAJ",
              "refsource": "MISC",
              "url": "https://groups.google.com/d/msg/syzkaller/ngC5SLvxPm4/gduhCARhAwAJ"
            },
            {
              "name": "USN-3754-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3754-1/"
            },
            {
              "name": "https://patchwork.kernel.org/patch/9966135/",
              "refsource": "MISC",
              "url": "https://patchwork.kernel.org/patch/9966135/"
            },
            {
              "name": "DSA-4073",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4073"
            },
            {
              "name": "101842",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/101842"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-16644",
    "datePublished": "2017-11-07T23:00:00",
    "dateReserved": "2017-11-07T00:00:00",
    "dateUpdated": "2024-08-05T20:27:04.315Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTFR-2018-AVI-147

Vulnerability from certfr_avis

Solution

Tags

Sightings

Nomenclature

Action not permitted

CERTFR-2018-AVI-147

Vulnerability from certfr_avis

Solution

CVE-2017-18208 (GCVE-0-2017-18208)

Vulnerability from cvelistv5

CVE-2018-1068 (GCVE-0-2018-1068)

Vulnerability from cvelistv5

CVE-2017-18174 (GCVE-0-2017-18174)

Vulnerability from cvelistv5

CVE-2017-15951 (GCVE-0-2017-15951)

Vulnerability from cvelistv5

CVE-2017-16913 (GCVE-0-2017-16913)

Vulnerability from cvelistv5

CVE-2017-17975 (GCVE-0-2017-17975)

Vulnerability from cvelistv5

CVE-2018-8087 (GCVE-0-2018-8087)

Vulnerability from cvelistv5

CVE-2018-1000026 (GCVE-0-2018-1000026)

Vulnerability from cvelistv5

CVE-2017-13166 (GCVE-0-2017-13166)

Vulnerability from cvelistv5

CVE-2017-16912 (GCVE-0-2017-16912)

Vulnerability from cvelistv5

CVE-2017-16644 (GCVE-0-2017-16644)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature