Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-17053 (GCVE-0-2017-17053)
Vulnerability from cvelistv5 – Published: 2017-11-29 03:00 – Updated: 2024-08-05 20:43- n/a
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/102010 | vdb-entryx_refsource_BID |
| https://github.com/torvalds/linux/commit/ccd5b323… | x_refsource_CONFIRM |
| https://access.redhat.com/errata/RHSA-2018:0676 | vendor-advisoryx_refsource_REDHAT |
| https://www.kernel.org/pub/linux/kernel/v4.x/Chan… | x_refsource_CONFIRM |
| http://git.kernel.org/cgit/linux/kernel/git/torva… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:43:59.664Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "102010",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102010"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/ccd5b3235180eef3cfec337df1c8554ab151b5cc"
},
{
"name": "RHSA-2018:0676",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0676"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.10"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccd5b3235180eef3cfec337df1c8554ab151b5cc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-11-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The init_new_context function in arch/x86/include/asm/mmu_context.h in the Linux kernel before 4.12.10 does not correctly handle errors from LDT table allocation when forking a new process, allowing a local attacker to achieve a use-after-free or possibly have unspecified other impact by running a specially crafted program. This vulnerability only affected kernels built with CONFIG_MODIFY_LDT_SYSCALL=y."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-11T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "102010",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102010"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/ccd5b3235180eef3cfec337df1c8554ab151b5cc"
},
{
"name": "RHSA-2018:0676",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0676"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.10"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccd5b3235180eef3cfec337df1c8554ab151b5cc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-17053",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The init_new_context function in arch/x86/include/asm/mmu_context.h in the Linux kernel before 4.12.10 does not correctly handle errors from LDT table allocation when forking a new process, allowing a local attacker to achieve a use-after-free or possibly have unspecified other impact by running a specially crafted program. This vulnerability only affected kernels built with CONFIG_MODIFY_LDT_SYSCALL=y."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "102010",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102010"
},
{
"name": "https://github.com/torvalds/linux/commit/ccd5b3235180eef3cfec337df1c8554ab151b5cc",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/ccd5b3235180eef3cfec337df1c8554ab151b5cc"
},
{
"name": "RHSA-2018:0676",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0676"
},
{
"name": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.10",
"refsource": "CONFIRM",
"url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.10"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccd5b3235180eef3cfec337df1c8554ab151b5cc",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccd5b3235180eef3cfec337df1c8554ab151b5cc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-17053",
"datePublished": "2017-11-29T03:00:00.000Z",
"dateReserved": "2017-11-28T00:00:00.000Z",
"dateUpdated": "2024-08-05T20:43:59.664Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2017-17053",
"date": "2026-07-17",
"epss": "0.00376",
"percentile": "0.29905"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.4.144\", \"versionEndExcluding\": \"4.4.153\", \"matchCriteriaId\": \"2A1EB29A-4793-4527-8D94-4736FFCD695B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.6\", \"versionEndExcluding\": \"4.9.46\", \"matchCriteriaId\": \"3415528F-A245-41FE-92D4-953ACB5977FD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.10\", \"versionEndExcluding\": \"4.12.10\", \"matchCriteriaId\": \"228B0872-5ADF-4033-B9EE-75A0E0E3D4D0\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"The init_new_context function in arch/x86/include/asm/mmu_context.h in the Linux kernel before 4.12.10 does not correctly handle errors from LDT table allocation when forking a new process, allowing a local attacker to achieve a use-after-free or possibly have unspecified other impact by running a specially crafted program. This vulnerability only affected kernels built with CONFIG_MODIFY_LDT_SYSCALL=y.\"}, {\"lang\": \"es\", \"value\": \"La funci\\u00f3n init_new_context en arch/x86/include/asm/mmu_context.h en el kernel de Linux en versiones anteriores a la 4.12.10 no gestiona errores de asignaci\\u00f3n de tablas LDT al bifurcar un nuevo proceso. Esto permite que un atacante local logre un uso de memoria previamente liberada o que, posiblemente, tenga otro impacto sin especificar ejecutando un programa especialmente manipulado. Esta vulnerabilidad solo afecta a los kernels construidos con CONFIG_MODIFY_LDT_SYSCALL=y.\"}]",
"id": "CVE-2017-17053",
"lastModified": "2024-11-21T03:17:24.180",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.0, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.0, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 6.9, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.4, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2017-11-29T03:29:00.300",
"references": "[{\"url\": \"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccd5b3235180eef3cfec337df1c8554ab151b5cc\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/102010\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:0676\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/torvalds/linux/commit/ccd5b3235180eef3cfec337df1c8554ab151b5cc\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.10\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}, {\"url\": \"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccd5b3235180eef3cfec337df1c8554ab151b5cc\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/102010\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:0676\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/torvalds/linux/commit/ccd5b3235180eef3cfec337df1c8554ab151b5cc\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.10\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-416\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2017-17053\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-11-29T03:29:00.300\",\"lastModified\":\"2026-05-13T00:24:29.033\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The init_new_context function in arch/x86/include/asm/mmu_context.h in the Linux kernel before 4.12.10 does not correctly handle errors from LDT table allocation when forking a new process, allowing a local attacker to achieve a use-after-free or possibly have unspecified other impact by running a specially crafted program. This vulnerability only affected kernels built with CONFIG_MODIFY_LDT_SYSCALL=y.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n init_new_context en arch/x86/include/asm/mmu_context.h en el kernel de Linux en versiones anteriores a la 4.12.10 no gestiona errores de asignaci\u00f3n de tablas LDT al bifurcar un nuevo proceso. Esto permite que un atacante local logre un uso de memoria previamente liberada o que, posiblemente, tenga otro impacto sin especificar ejecutando un programa especialmente manipulado. Esta vulnerabilidad solo afecta a los kernels construidos con CONFIG_MODIFY_LDT_SYSCALL=y.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.0,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":6.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.4,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.4.144\",\"versionEndExcluding\":\"4.4.153\",\"matchCriteriaId\":\"2A1EB29A-4793-4527-8D94-4736FFCD695B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.6\",\"versionEndExcluding\":\"4.9.46\",\"matchCriteriaId\":\"3415528F-A245-41FE-92D4-953ACB5977FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.10\",\"versionEndExcluding\":\"4.12.10\",\"matchCriteriaId\":\"228B0872-5ADF-4033-B9EE-75A0E0E3D4D0\"}]}]}],\"references\":[{\"url\":\"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccd5b3235180eef3cfec337df1c8554ab151b5cc\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/102010\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0676\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/torvalds/linux/commit/ccd5b3235180eef3cfec337df1c8554ab151b5cc\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.10\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccd5b3235180eef3cfec337df1c8554ab151b5cc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/102010\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0676\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/torvalds/linux/commit/ccd5b3235180eef3cfec337df1c8554ab151b5cc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.10\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]}]}}",
"redhat_vex": {
"aggregate_severity": "Moderate",
"current_release_date": "2026-06-28T11:12:37+00:00",
"cve": "CVE-2017-17053",
"id": "CVE-2017-17053",
"initial_release_date": "2017-08-24T00:00:00+00:00",
"product_status:known_not_affected": "88",
"source": "Red Hat CSAF VEX",
"status": "final",
"title": "kernel: Incorrect handling in arch/x86/include/asm/mmu_context.h:init_new_context function allowing use-after-free",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2017/cve-2017-17053.json",
"version": "3"
}
}
}
CERTFR-2018-AVI-402
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE . Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
None| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP2-LTSS | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP 12-SP2 |
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Server 12-SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP 12-SP2",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-11600",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11600"
},
{
"name": "CVE-2017-18344",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18344"
},
{
"name": "CVE-2018-3646",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3646"
},
{
"name": "CVE-2018-10853",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10853"
},
{
"name": "CVE-2017-17053",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17053"
}
],
"links": [],
"reference": "CERTFR-2018-AVI-402",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2018-08-20T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE . Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de\ns\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, un d\u00e9ni de service et une atteinte\n\u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20182416-1 du 17 ao\u00fbt 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182416-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20182413-1 du 17 ao\u00fbt 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182413-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20182426-1 du 17 ao\u00fbt 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182426-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20182414-1 du 17 ao\u00fbt 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182414-1/"
}
]
}
CERTFR-2018-AVI-402
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE . Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
None| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP2-LTSS | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP 12-SP2 |
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Server 12-SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP 12-SP2",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-11600",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11600"
},
{
"name": "CVE-2017-18344",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18344"
},
{
"name": "CVE-2018-3646",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3646"
},
{
"name": "CVE-2018-10853",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10853"
},
{
"name": "CVE-2017-17053",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17053"
}
],
"links": [],
"reference": "CERTFR-2018-AVI-402",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2018-08-20T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE . Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de\ns\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, un d\u00e9ni de service et une atteinte\n\u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20182416-1 du 17 ao\u00fbt 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182416-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20182413-1 du 17 ao\u00fbt 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182413-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20182426-1 du 17 ao\u00fbt 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182426-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20182414-1 du 17 ao\u00fbt 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182414-1/"
}
]
}
目前厂商已发布升级补丁以修复漏洞,补丁获取链接: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ccd5b3235180eef3cfec337df1c8554ab151b5cc
| Name | Linux kernel <4.12.10 |
|---|
{
"bids": {
"bid": {
"bidNumber": "102010"
}
},
"cves": {
"cve": {
"cveNumber": "CVE-2017-17053"
}
},
"description": "Linux kernel\u662f\u7f8e\u56fdLinux\u57fa\u91d1\u4f1a\u53d1\u5e03\u7684\u5f00\u6e90\u64cd\u4f5c\u7cfb\u7edfLinux\u6240\u4f7f\u7528\u7684\u5185\u6838\u3002\r\n\r\nLinux kernel 4.12.10\u4e4b\u524d\u7684\u7248\u672c\u4e2d\u7684arch/x86/include/asm/mmu_context.h\u6587\u4ef6\u7684\u2018init_new_context\u2019\u51fd\u6570\u5b58\u5728\u5185\u5b58\u7834\u574f\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u7684\u5904\u7406LDT\u8868\u5206\u914d\u65f6\u51fa\u73b0\u7684\u9519\u8bef\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u501f\u52a9\u7279\u5236\u7684\u7a0b\u5e8f\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
"discovererName": "Linux",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ccd5b3235180eef3cfec337df1c8554ab151b5cc",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2017-36609",
"openTime": "2017-12-07",
"patchDescription": "Linux kernel\u662f\u7f8e\u56fdLinux\u57fa\u91d1\u4f1a\u53d1\u5e03\u7684\u5f00\u6e90\u64cd\u4f5c\u7cfb\u7edfLinux\u6240\u4f7f\u7528\u7684\u5185\u6838\u3002\r\n\r\nLinux kernel 4.12.10\u4e4b\u524d\u7684\u7248\u672c\u4e2d\u7684arch/x86/include/asm/mmu_context.h\u6587\u4ef6\u7684\u2018init_new_context\u2019\u51fd\u6570\u5b58\u5728\u5185\u5b58\u7834\u574f\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u7684\u5904\u7406LDT\u8868\u5206\u914d\u65f6\u51fa\u73b0\u7684\u9519\u8bef\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u501f\u52a9\u7279\u5236\u7684\u7a0b\u5e8f\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002 \u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Linux kernel\u5185\u5b58\u7834\u574f\u6f0f\u6d1e\uff08CNVD-2017-36609\uff09\u7684\u8865\u4e01",
"products": {
"product": "Linux kernel \u003c4.12.10"
},
"referenceLink": "https://github.com/torvalds/linux/commit/ccd5b3235180eef3cfec337df1c8554ab151b5cc",
"serverity": "\u4f4e",
"submitTime": "2017-12-01",
"title": "Linux kernel\u5185\u5b58\u7834\u574f\u6f0f\u6d1e\uff08CNVD-2017-36609\uff09"
}
FKIE_CVE-2017-17053
Vulnerability from fkie_nvd - Published: 2017-11-29 03:29 - Updated: 2026-06-17 01:10| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * |
{
"affected": [
{
"affectedData": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"source": "cve@mitre.org"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A1EB29A-4793-4527-8D94-4736FFCD695B",
"versionEndExcluding": "4.4.153",
"versionStartIncluding": "4.4.144",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3415528F-A245-41FE-92D4-953ACB5977FD",
"versionEndExcluding": "4.9.46",
"versionStartIncluding": "4.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "228B0872-5ADF-4033-B9EE-75A0E0E3D4D0",
"versionEndExcluding": "4.12.10",
"versionStartIncluding": "4.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The init_new_context function in arch/x86/include/asm/mmu_context.h in the Linux kernel before 4.12.10 does not correctly handle errors from LDT table allocation when forking a new process, allowing a local attacker to achieve a use-after-free or possibly have unspecified other impact by running a specially crafted program. This vulnerability only affected kernels built with CONFIG_MODIFY_LDT_SYSCALL=y."
},
{
"lang": "es",
"value": "La funci\u00f3n init_new_context en arch/x86/include/asm/mmu_context.h en el kernel de Linux en versiones anteriores a la 4.12.10 no gestiona errores de asignaci\u00f3n de tablas LDT al bifurcar un nuevo proceso. Esto permite que un atacante local logre un uso de memoria previamente liberada o que, posiblemente, tenga otro impacto sin especificar ejecutando un programa especialmente manipulado. Esta vulnerabilidad solo afecta a los kernels construidos con CONFIG_MODIFY_LDT_SYSCALL=y."
}
],
"id": "CVE-2017-17053",
"lastModified": "2026-06-17T01:10:16.697",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-11-29T03:29:00.300",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccd5b3235180eef3cfec337df1c8554ab151b5cc"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102010"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0676"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/torvalds/linux/commit/ccd5b3235180eef3cfec337df1c8554ab151b5cc"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccd5b3235180eef3cfec337df1c8554ab151b5cc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0676"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/torvalds/linux/commit/ccd5b3235180eef3cfec337df1c8554ab151b5cc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.10"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-QV5H-FQ2W-C68J
Vulnerability from github – Published: 2022-05-14 01:47 – Updated: 2022-05-14 01:47The init_new_context function in arch/x86/include/asm/mmu_context.h in the Linux kernel before 4.12.10 does not correctly handle errors from LDT table allocation when forking a new process, allowing a local attacker to achieve a use-after-free or possibly have unspecified other impact by running a specially crafted program. This vulnerability only affected kernels built with CONFIG_MODIFY_LDT_SYSCALL=y.
{
"affected": [],
"aliases": [
"CVE-2017-17053"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-11-29T03:29:00Z",
"severity": "HIGH"
},
"details": "The init_new_context function in arch/x86/include/asm/mmu_context.h in the Linux kernel before 4.12.10 does not correctly handle errors from LDT table allocation when forking a new process, allowing a local attacker to achieve a use-after-free or possibly have unspecified other impact by running a specially crafted program. This vulnerability only affected kernels built with CONFIG_MODIFY_LDT_SYSCALL=y.",
"id": "GHSA-qv5h-fq2w-c68j",
"modified": "2022-05-14T01:47:11Z",
"published": "2022-05-14T01:47:11Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17053"
},
{
"type": "WEB",
"url": "https://github.com/torvalds/linux/commit/ccd5b3235180eef3cfec337df1c8554ab151b5cc"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:0676"
},
{
"type": "WEB",
"url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.10"
},
{
"type": "WEB",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccd5b3235180eef3cfec337df1c8554ab151b5cc"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/102010"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2017-17053
Vulnerability from gsd - Updated: 2023-12-13 01:21{
"GSD": {
"alias": "CVE-2017-17053",
"description": "The init_new_context function in arch/x86/include/asm/mmu_context.h in the Linux kernel before 4.12.10 does not correctly handle errors from LDT table allocation when forking a new process, allowing a local attacker to achieve a use-after-free or possibly have unspecified other impact by running a specially crafted program. This vulnerability only affected kernels built with CONFIG_MODIFY_LDT_SYSCALL=y.",
"id": "GSD-2017-17053",
"references": [
"https://www.suse.com/security/cve/CVE-2017-17053.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-17053"
],
"details": "The init_new_context function in arch/x86/include/asm/mmu_context.h in the Linux kernel before 4.12.10 does not correctly handle errors from LDT table allocation when forking a new process, allowing a local attacker to achieve a use-after-free or possibly have unspecified other impact by running a specially crafted program. This vulnerability only affected kernels built with CONFIG_MODIFY_LDT_SYSCALL=y.",
"id": "GSD-2017-17053",
"modified": "2023-12-13T01:21:04.288380Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-17053",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The init_new_context function in arch/x86/include/asm/mmu_context.h in the Linux kernel before 4.12.10 does not correctly handle errors from LDT table allocation when forking a new process, allowing a local attacker to achieve a use-after-free or possibly have unspecified other impact by running a specially crafted program. This vulnerability only affected kernels built with CONFIG_MODIFY_LDT_SYSCALL=y."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "102010",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102010"
},
{
"name": "https://github.com/torvalds/linux/commit/ccd5b3235180eef3cfec337df1c8554ab151b5cc",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/ccd5b3235180eef3cfec337df1c8554ab151b5cc"
},
{
"name": "RHSA-2018:0676",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0676"
},
{
"name": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.10",
"refsource": "CONFIRM",
"url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.10"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccd5b3235180eef3cfec337df1c8554ab151b5cc",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccd5b3235180eef3cfec337df1c8554ab151b5cc"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.12.10",
"versionStartIncluding": "4.10",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.4.153",
"versionStartIncluding": "4.4.144",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.9.46",
"versionStartIncluding": "4.6",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-17053"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The init_new_context function in arch/x86/include/asm/mmu_context.h in the Linux kernel before 4.12.10 does not correctly handle errors from LDT table allocation when forking a new process, allowing a local attacker to achieve a use-after-free or possibly have unspecified other impact by running a specially crafted program. This vulnerability only affected kernels built with CONFIG_MODIFY_LDT_SYSCALL=y."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.10",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.10"
},
{
"name": "https://github.com/torvalds/linux/commit/ccd5b3235180eef3cfec337df1c8554ab151b5cc",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/torvalds/linux/commit/ccd5b3235180eef3cfec337df1c8554ab151b5cc"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccd5b3235180eef3cfec337df1c8554ab151b5cc",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccd5b3235180eef3cfec337df1c8554ab151b5cc"
},
{
"name": "102010",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102010"
},
{
"name": "RHSA-2018:0676",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0676"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
},
"lastModifiedDate": "2023-06-21T21:01Z",
"publishedDate": "2017-11-29T03:29Z"
}
}
}
SUSE-SU-2018:2413-1
Vulnerability from csaf_suse - Published: 2018-08-17 14:57 - Updated: 2018-08-17 14:57| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-11-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_6-default-10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_9-default-10-2.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-11-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_6-default-10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_9-default-10-2.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-11-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_6-default-10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_9-default-10-2.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-11-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_6-default-10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_9-default-10-2.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-11-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_6-default-10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_9-default-10-2.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 2 for SLE 12 SP3)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 4.4.82-6_6 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2018-3646: Local attackers in virtualized guest systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by other hyperthreads on the same CPU core, potentially leaking sensitive data, even from other virtual machines or the host system (bsc#1099306).\n- CVE-2017-18344: The timer_create syscall implementation in kernel/time/posix-timers.c didn\u0027t properly validate the sigevent-\u003esigev_notify field, which lead to out-of-bounds access in the show_timer function (called when /proc/$PID/timers is read). This allowed userspace applications to read arbitrary kernel memory (on a kernel built with CONFIG_POSIX_TIMERS and CONFIG_CHECKPOINT_RESTORE) (bsc#1103203).\nbefore 4.14.8\n- CVE-2017-17053: The init_new_context function in arch/x86/include/asm/mmu_context.h did not correctly handle errors from LDT table allocation when forking a new process, allowing a local attacker to achieve a use-after-free or possibly have unspecified other impact by running a specially crafted program. This vulnerability only affected kernels built with CONFIG_MODIFY_LDT_SYSCALL=y (bsc#1096679).\n- CVE-2017-11600: net/xfrm/xfrm_policy.c did not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allowed local users to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink message (bsc#1096564) \n- CVE-2018-10853: A flaw was found in kvm. In which certain instructions such as sgdt/sidt call segmented_write_std didn\u0027t propagate access correctly. As such, during userspace induced exception, the guest can incorrectly assume that the exception happened in the kernel and panic. (bsc#1097108).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Live-Patching-12-SP3-2018-1669,SUSE-SLE-Live-Patching-12-SP3-2018-1670,SUSE-SLE-Live-Patching-12-SP3-2018-1671",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2413-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:2413-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182413-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:2413-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-August/004468.html"
},
{
"category": "self",
"summary": "SUSE Bug 1096564",
"url": "https://bugzilla.suse.com/1096564"
},
{
"category": "self",
"summary": "SUSE Bug 1096679",
"url": "https://bugzilla.suse.com/1096679"
},
{
"category": "self",
"summary": "SUSE Bug 1097108",
"url": "https://bugzilla.suse.com/1097108"
},
{
"category": "self",
"summary": "SUSE Bug 1099306",
"url": "https://bugzilla.suse.com/1099306"
},
{
"category": "self",
"summary": "SUSE Bug 1103203",
"url": "https://bugzilla.suse.com/1103203"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-11600 page",
"url": "https://www.suse.com/security/cve/CVE-2017-11600/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-17053 page",
"url": "https://www.suse.com/security/cve/CVE-2017-17053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18344 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18344/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10853 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3646 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3646/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 2 for SLE 12 SP3)",
"tracking": {
"current_release_date": "2018-08-17T14:57:02Z",
"generator": {
"date": "2018-08-17T14:57:02Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:2413-1",
"initial_release_date": "2018-08-17T14:57:02Z",
"revision_history": [
{
"date": "2018-08-17T14:57:02Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_4_82-6_3-default-11-2.1.x86_64",
"product": {
"name": "kgraft-patch-4_4_82-6_3-default-11-2.1.x86_64",
"product_id": "kgraft-patch-4_4_82-6_3-default-11-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_4_82-6_9-default-10-2.1.x86_64",
"product": {
"name": "kgraft-patch-4_4_82-6_9-default-10-2.1.x86_64",
"product_id": "kgraft-patch-4_4_82-6_9-default-10-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_4_82-6_6-default-10-2.1.x86_64",
"product": {
"name": "kgraft-patch-4_4_82-6_6-default-10-2.1.x86_64",
"product_id": "kgraft-patch-4_4_82-6_6-default-10-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_82-6_3-default-11-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-11-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_82-6_3-default-11-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_82-6_9-default-10-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_9-default-10-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_82-6_9-default-10-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_82-6_6-default-10-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_6-default-10-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_82-6_6-default-10-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_82-6_3-default-11-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-11-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_82-6_3-default-11-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_82-6_9-default-10-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_9-default-10-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_82-6_9-default-10-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_82-6_6-default-10-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_6-default-10-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_82-6_6-default-10-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_82-6_3-default-11-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-11-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_82-6_3-default-11-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_82-6_9-default-10-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_9-default-10-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_82-6_9-default-10-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_82-6_6-default-10-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_6-default-10-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_82-6_6-default-10-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-11600",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-11600"
}
],
"notes": [
{
"category": "general",
"text": "net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local users to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-11-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_6-default-10-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_9-default-10-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-11600",
"url": "https://www.suse.com/security/cve/CVE-2017-11600"
},
{
"category": "external",
"summary": "SUSE Bug 1050231 for CVE-2017-11600",
"url": "https://bugzilla.suse.com/1050231"
},
{
"category": "external",
"summary": "SUSE Bug 1096564 for CVE-2017-11600",
"url": "https://bugzilla.suse.com/1096564"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-11600",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-11-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_6-default-10-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_9-default-10-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-11-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_6-default-10-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_9-default-10-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-08-17T14:57:02Z",
"details": "important"
}
],
"title": "CVE-2017-11600"
},
{
"cve": "CVE-2017-17053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-17053"
}
],
"notes": [
{
"category": "general",
"text": "The init_new_context function in arch/x86/include/asm/mmu_context.h in the Linux kernel before 4.12.10 does not correctly handle errors from LDT table allocation when forking a new process, allowing a local attacker to achieve a use-after-free or possibly have unspecified other impact by running a specially crafted program. This vulnerability only affected kernels built with CONFIG_MODIFY_LDT_SYSCALL=y.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-11-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_6-default-10-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_9-default-10-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-17053",
"url": "https://www.suse.com/security/cve/CVE-2017-17053"
},
{
"category": "external",
"summary": "SUSE Bug 1070264 for CVE-2017-17053",
"url": "https://bugzilla.suse.com/1070264"
},
{
"category": "external",
"summary": "SUSE Bug 1096679 for CVE-2017-17053",
"url": "https://bugzilla.suse.com/1096679"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-11-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_6-default-10-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_9-default-10-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-11-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_6-default-10-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_9-default-10-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-08-17T14:57:02Z",
"details": "moderate"
}
],
"title": "CVE-2017-17053"
},
{
"cve": "CVE-2017-18344",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18344"
}
],
"notes": [
{
"category": "general",
"text": "The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn\u0027t properly validate the sigevent-\u003esigev_notify field, which leads to out-of-bounds access in the show_timer function (called when /proc/$PID/timers is read). This allows userspace applications to read arbitrary kernel memory (on a kernel built with CONFIG_POSIX_TIMERS and CONFIG_CHECKPOINT_RESTORE).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-11-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_6-default-10-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_9-default-10-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18344",
"url": "https://www.suse.com/security/cve/CVE-2017-18344"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-18344",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1102851 for CVE-2017-18344",
"url": "https://bugzilla.suse.com/1102851"
},
{
"category": "external",
"summary": "SUSE Bug 1103203 for CVE-2017-18344",
"url": "https://bugzilla.suse.com/1103203"
},
{
"category": "external",
"summary": "SUSE Bug 1103580 for CVE-2017-18344",
"url": "https://bugzilla.suse.com/1103580"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2017-18344",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-11-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_6-default-10-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_9-default-10-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-11-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_6-default-10-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_9-default-10-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-08-17T14:57:02Z",
"details": "moderate"
}
],
"title": "CVE-2017-18344"
},
{
"cve": "CVE-2018-10853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10853"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potentially escalate privileges inside guest.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-11-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_6-default-10-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_9-default-10-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10853",
"url": "https://www.suse.com/security/cve/CVE-2018-10853"
},
{
"category": "external",
"summary": "SUSE Bug 1097104 for CVE-2018-10853",
"url": "https://bugzilla.suse.com/1097104"
},
{
"category": "external",
"summary": "SUSE Bug 1097108 for CVE-2018-10853",
"url": "https://bugzilla.suse.com/1097108"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-11-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_6-default-10-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_9-default-10-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-11-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_6-default-10-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_9-default-10-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-08-17T14:57:02Z",
"details": "important"
}
],
"title": "CVE-2018-10853"
},
{
"cve": "CVE-2018-3646",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3646"
}
],
"notes": [
{
"category": "general",
"text": "Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-11-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_6-default-10-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_9-default-10-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3646",
"url": "https://www.suse.com/security/cve/CVE-2018-3646"
},
{
"category": "external",
"summary": "SUSE Bug 1087078 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1087078"
},
{
"category": "external",
"summary": "SUSE Bug 1087081 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1087081"
},
{
"category": "external",
"summary": "SUSE Bug 1089343 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1089343"
},
{
"category": "external",
"summary": "SUSE Bug 1091107 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1091107"
},
{
"category": "external",
"summary": "SUSE Bug 1099306 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1099306"
},
{
"category": "external",
"summary": "SUSE Bug 1104365 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1104365"
},
{
"category": "external",
"summary": "SUSE Bug 1104894 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1104894"
},
{
"category": "external",
"summary": "SUSE Bug 1106548 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1106548"
},
{
"category": "external",
"summary": "SUSE Bug 1113534 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1113534"
},
{
"category": "external",
"summary": "SUSE Bug 1136865 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1136865"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1178658"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1201877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-11-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_6-default-10-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_9-default-10-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-11-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_6-default-10-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_9-default-10-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-08-17T14:57:02Z",
"details": "important"
}
],
"title": "CVE-2018-3646"
}
]
}
ubuntu-cve-2017-17053
Vulnerability from osv_ubuntu
The init_new_context function in arch/x86/include/asm/mmu_context.h in the Linux kernel before 4.12.10 does not correctly handle errors from LDT table allocation when forking a new process, allowing a local attacker to achieve a use-after-free or possibly have unspecified other impact by running a specially crafted program. This vulnerability only affected kernels built with CONFIG_MODIFY_LDT_SYSCALL=y.
{
"affected": [
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "linux-azure-cloud-tools-4.13.0-1005",
"binary_version": "4.13.0-1005.7"
},
{
"binary_name": "linux-azure-headers-4.13.0-1005",
"binary_version": "4.13.0-1005.7"
},
{
"binary_name": "linux-azure-tools-4.13.0-1005",
"binary_version": "4.13.0-1005.7"
},
{
"binary_name": "linux-cloud-tools-4.13.0-1005-azure",
"binary_version": "4.13.0-1005.7"
},
{
"binary_name": "linux-headers-4.13.0-1005-azure",
"binary_version": "4.13.0-1005.7"
},
{
"binary_name": "linux-image-4.13.0-1005-azure",
"binary_version": "4.13.0-1005.7"
},
{
"binary_name": "linux-image-extra-4.13.0-1005-azure",
"binary_version": "4.13.0-1005.7"
},
{
"binary_name": "linux-tools-4.13.0-1005-azure",
"binary_version": "4.13.0-1005.7"
}
]
},
"package": {
"ecosystem": "Ubuntu:16.04:LTS",
"name": "linux-azure",
"purl": "pkg:deb/ubuntu/linux-azure@4.13.0-1005.7?arch=source\u0026distro=xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.13.0-1005.7"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.11.0-1009.9",
"4.11.0-1011.11",
"4.11.0-1013.13",
"4.11.0-1014.14",
"4.11.0-1015.15",
"4.11.0-1016.16"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "linux-cloud-tools-4.13.0-1002-gcp",
"binary_version": "4.13.0-1002.5"
},
{
"binary_name": "linux-gcp-cloud-tools-4.13.0-1002",
"binary_version": "4.13.0-1002.5"
},
{
"binary_name": "linux-gcp-headers-4.13.0-1002",
"binary_version": "4.13.0-1002.5"
},
{
"binary_name": "linux-gcp-tools-4.13.0-1002",
"binary_version": "4.13.0-1002.5"
},
{
"binary_name": "linux-headers-4.13.0-1002-gcp",
"binary_version": "4.13.0-1002.5"
},
{
"binary_name": "linux-image-4.13.0-1002-gcp",
"binary_version": "4.13.0-1002.5"
},
{
"binary_name": "linux-image-extra-4.13.0-1002-gcp",
"binary_version": "4.13.0-1002.5"
},
{
"binary_name": "linux-tools-4.13.0-1002-gcp",
"binary_version": "4.13.0-1002.5"
}
]
},
"package": {
"ecosystem": "Ubuntu:16.04:LTS",
"name": "linux-gcp",
"purl": "pkg:deb/ubuntu/linux-gcp@4.13.0-1002.5?arch=source\u0026distro=xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.13.0-1002.5"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.10.0-1004.4",
"4.10.0-1006.6",
"4.10.0-1007.7",
"4.10.0-1008.8",
"4.10.0-1009.9"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "block-modules-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "block-modules-4.13.0-32-generic-lpae-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "crypto-modules-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "crypto-modules-4.13.0-32-generic-lpae-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "dasd-extra-modules-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "dasd-modules-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "fat-modules-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "fat-modules-4.13.0-32-generic-lpae-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "fb-modules-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "firewire-core-modules-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "floppy-modules-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "fs-core-modules-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "fs-core-modules-4.13.0-32-generic-lpae-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "fs-secondary-modules-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "fs-secondary-modules-4.13.0-32-generic-lpae-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "input-modules-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "input-modules-4.13.0-32-generic-lpae-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "ipmi-modules-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "ipmi-modules-4.13.0-32-generic-lpae-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "irda-modules-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "irda-modules-4.13.0-32-generic-lpae-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "kernel-image-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "kernel-image-4.13.0-32-generic-lpae-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "linux-cloud-tools-4.13.0-32-generic",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "linux-cloud-tools-4.13.0-32-lowlatency",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "linux-headers-4.13.0-32",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "linux-headers-4.13.0-32-generic",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "linux-headers-4.13.0-32-generic-lpae",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "linux-headers-4.13.0-32-lowlatency",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "linux-hwe-cloud-tools-4.13.0-32",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "linux-hwe-tools-4.13.0-32",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "linux-hwe-udebs-generic",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "linux-hwe-udebs-generic-lpae",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "linux-image-4.13.0-32-generic",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "linux-image-4.13.0-32-generic-lpae",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "linux-image-4.13.0-32-lowlatency",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "linux-image-extra-4.13.0-32-generic",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "linux-source-4.13.0",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "linux-tools-4.13.0-32-generic",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "linux-tools-4.13.0-32-generic-lpae",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "linux-tools-4.13.0-32-lowlatency",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "md-modules-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "md-modules-4.13.0-32-generic-lpae-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "message-modules-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "mouse-modules-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "mouse-modules-4.13.0-32-generic-lpae-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "multipath-modules-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "multipath-modules-4.13.0-32-generic-lpae-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "nfs-modules-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "nfs-modules-4.13.0-32-generic-lpae-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "nic-modules-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "nic-modules-4.13.0-32-generic-lpae-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "nic-pcmcia-modules-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "nic-shared-modules-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "nic-shared-modules-4.13.0-32-generic-lpae-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "nic-usb-modules-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "nic-usb-modules-4.13.0-32-generic-lpae-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "parport-modules-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "parport-modules-4.13.0-32-generic-lpae-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "pata-modules-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "pcmcia-modules-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "pcmcia-storage-modules-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "plip-modules-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "plip-modules-4.13.0-32-generic-lpae-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "ppp-modules-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "ppp-modules-4.13.0-32-generic-lpae-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "sata-modules-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "sata-modules-4.13.0-32-generic-lpae-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "scsi-modules-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "scsi-modules-4.13.0-32-generic-lpae-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "serial-modules-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "storage-core-modules-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "storage-core-modules-4.13.0-32-generic-lpae-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "usb-modules-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "usb-modules-4.13.0-32-generic-lpae-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "virtio-modules-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "vlan-modules-4.13.0-32-generic-di",
"binary_version": "4.13.0-32.35~16.04.1"
},
{
"binary_name": "vlan-modules-4.13.0-32-generic-lpae-di",
"binary_version": "4.13.0-32.35~16.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:16.04:LTS",
"name": "linux-hwe",
"purl": "pkg:deb/ubuntu/linux-hwe@4.13.0-32.35~16.04.1?arch=source\u0026distro=xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.13.0-32.35~16.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.8.0-36.36~16.04.1",
"4.8.0-39.42~16.04.1",
"4.8.0-41.44~16.04.1",
"4.8.0-42.45~16.04.1",
"4.8.0-44.47~16.04.1",
"4.8.0-45.48~16.04.1",
"4.8.0-46.49~16.04.1",
"4.8.0-49.52~16.04.1",
"4.8.0-51.54~16.04.1",
"4.8.0-52.55~16.04.1",
"4.8.0-53.56~16.04.1",
"4.8.0-54.57~16.04.1",
"4.8.0-56.61~16.04.1",
"4.8.0-58.63~16.04.1",
"4.10.0-27.30~16.04.2",
"4.10.0-28.32~16.04.2",
"4.10.0-30.34~16.04.1",
"4.10.0-32.36~16.04.1",
"4.10.0-33.37~16.04.1",
"4.10.0-35.39~16.04.1",
"4.10.0-37.41~16.04.1",
"4.10.0-38.42~16.04.1",
"4.10.0-40.44~16.04.1",
"4.10.0-42.46~16.04.1",
"4.13.0-26.29~16.04.2",
"4.13.0-31.34~16.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-image-unsigned-5.4.0-1103-azure-fde",
"binary_version": "5.4.0-1103.109+cvm1.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "linux-azure-fde",
"purl": "pkg:deb/ubuntu/linux-azure-fde@5.4.0-1103.109+cvm1.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.4.0-1063.66+cvm2.2",
"5.4.0-1063.66+cvm3.2",
"5.4.0-1064.67+cvm1.1",
"5.4.0-1065.68+cvm2.1",
"5.4.0-1067.70+cvm1.1",
"5.4.0-1068.71+cvm1.1",
"5.4.0-1069.72+cvm1.1",
"5.4.0-1070.73+cvm1.1",
"5.4.0-1072.75+cvm1.1",
"5.4.0-1073.76+cvm1.1",
"5.4.0-1074.77+cvm1.1",
"5.4.0-1076.79+cvm1.1",
"5.4.0-1078.81+cvm1.1",
"5.4.0-1080.83+cvm1.1",
"5.4.0-1083.87+cvm1.1",
"5.4.0-1085.90+cvm1.1",
"5.4.0-1085.90+cvm2.1",
"5.4.0-1086.91+cvm1.1",
"5.4.0-1089.94+cvm1.2",
"5.4.0-1090.95+cvm1.1",
"5.4.0-1091.96+cvm1.1",
"5.4.0-1092.97+cvm1.1",
"5.4.0-1095.101+cvm1.1",
"5.4.0-1098.104+cvm1.1",
"5.4.0-1100.106+cvm1.1",
"5.4.0-1103.109+cvm1.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.4.0-1105-gke",
"binary_version": "5.4.0-1105.112"
},
{
"binary_name": "linux-gke-headers-5.4.0-1105",
"binary_version": "5.4.0-1105.112"
},
{
"binary_name": "linux-gke-tools-5.4.0-1105",
"binary_version": "5.4.0-1105.112"
},
{
"binary_name": "linux-headers-5.4.0-1105-gke",
"binary_version": "5.4.0-1105.112"
},
{
"binary_name": "linux-image-unsigned-5.4.0-1105-gke",
"binary_version": "5.4.0-1105.112"
},
{
"binary_name": "linux-modules-5.4.0-1105-gke",
"binary_version": "5.4.0-1105.112"
},
{
"binary_name": "linux-modules-extra-5.4.0-1105-gke",
"binary_version": "5.4.0-1105.112"
},
{
"binary_name": "linux-tools-5.4.0-1105-gke",
"binary_version": "5.4.0-1105.112"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "linux-gke",
"purl": "pkg:deb/ubuntu/linux-gke@5.4.0-1105.112?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.4.0-1033.35",
"5.4.0-1035.37",
"5.4.0-1036.38",
"5.4.0-1037.39",
"5.4.0-1039.41",
"5.4.0-1041.43",
"5.4.0-1042.44",
"5.4.0-1043.45",
"5.4.0-1044.46",
"5.4.0-1046.48",
"5.4.0-1049.52",
"5.4.0-1051.54",
"5.4.0-1052.55",
"5.4.0-1053.56",
"5.4.0-1054.57",
"5.4.0-1055.58",
"5.4.0-1056.59",
"5.4.0-1057.60",
"5.4.0-1059.62",
"5.4.0-1061.64",
"5.4.0-1062.65",
"5.4.0-1063.66",
"5.4.0-1065.68",
"5.4.0-1066.69",
"5.4.0-1067.70",
"5.4.0-1068.71",
"5.4.0-1071.76",
"5.4.0-1072.77",
"5.4.0-1074.79",
"5.4.0-1076.82",
"5.4.0-1078.84",
"5.4.0-1080.86",
"5.4.0-1081.87",
"5.4.0-1083.89",
"5.4.0-1084.90",
"5.4.0-1086.93",
"5.4.0-1087.94",
"5.4.0-1090.97",
"5.4.0-1091.98",
"5.4.0-1094.101",
"5.4.0-1095.102",
"5.4.0-1096.103",
"5.4.0-1097.104",
"5.4.0-1098.105",
"5.4.0-1099.106",
"5.4.0-1100.107",
"5.4.0-1101.108",
"5.4.0-1102.109",
"5.4.0-1103.110",
"5.4.0-1104.111",
"5.4.0-1105.112"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.4.0-1006-raspi2",
"binary_version": "5.4.0-1006.6"
},
{
"binary_name": "linux-headers-5.4.0-1006-raspi2",
"binary_version": "5.4.0-1006.6"
},
{
"binary_name": "linux-image-5.4.0-1006-raspi2",
"binary_version": "5.4.0-1006.6"
},
{
"binary_name": "linux-modules-5.4.0-1006-raspi2",
"binary_version": "5.4.0-1006.6"
},
{
"binary_name": "linux-raspi2-headers-5.4.0-1006",
"binary_version": "5.4.0-1006.6"
},
{
"binary_name": "linux-raspi2-tools-5.4.0-1006",
"binary_version": "5.4.0-1006.6"
},
{
"binary_name": "linux-tools-5.4.0-1006-raspi2",
"binary_version": "5.4.0-1006.6"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "linux-raspi2",
"purl": "pkg:deb/ubuntu/linux-raspi2@5.4.0-1006.6?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.3.0-1007.8",
"5.3.0-1014.16",
"5.3.0-1015.17",
"5.3.0-1017.19",
"5.4.0-1004.4",
"5.4.0-1006.6"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "block-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "crypto-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "fat-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "firewire-core-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "fs-core-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "fs-secondary-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "input-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "ipmi-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "kernel-image-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "linux-buildinfo-5.4.0-40-generic",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "linux-headers-5.4.0-40-generic",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "linux-image-5.4.0-40-generic",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "linux-modules-5.4.0-40-generic",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "linux-modules-extra-5.4.0-40-generic",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "linux-riscv-headers-5.4.0-40",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "linux-riscv-tools-5.4.0-40",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "linux-tools-5.4.0-40-generic",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "linux-udebs-generic",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "md-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "message-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "mouse-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "multipath-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "nfs-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "nic-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "nic-shared-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "nic-usb-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "parport-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "pata-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "plip-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "ppp-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "sata-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "scsi-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "storage-core-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "usb-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "virtio-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "vlan-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "linux-riscv",
"purl": "pkg:deb/ubuntu/linux-riscv@5.4.0-40.45?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.4.0-24.28",
"5.4.0-26.30",
"5.4.0-27.31",
"5.4.0-28.32",
"5.4.0-30.34",
"5.4.0-31.35",
"5.4.0-33.37",
"5.4.0-34.38",
"5.4.0-36.41",
"5.4.0-37.42",
"5.4.0-39.44",
"5.4.0-40.45"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-1073-intel-iot-realtime",
"binary_version": "5.15.0-1073.75"
},
{
"binary_name": "linux-cloud-tools-5.15.0-1073-intel-iot-realtime",
"binary_version": "5.15.0-1073.75"
},
{
"binary_name": "linux-headers-5.15.0-1073-intel-iot-realtime",
"binary_version": "5.15.0-1073.75"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1073-intel-iot-realtime",
"binary_version": "5.15.0-1073.75"
},
{
"binary_name": "linux-intel-iot-realtime-cloud-tools-5.15.0-1073",
"binary_version": "5.15.0-1073.75"
},
{
"binary_name": "linux-intel-iot-realtime-cloud-tools-common",
"binary_version": "5.15.0-1073.75"
},
{
"binary_name": "linux-intel-iot-realtime-headers-5.15.0-1073",
"binary_version": "5.15.0-1073.75"
},
{
"binary_name": "linux-intel-iot-realtime-tools-5.15.0-1073",
"binary_version": "5.15.0-1073.75"
},
{
"binary_name": "linux-intel-iot-realtime-tools-common",
"binary_version": "5.15.0-1073.75"
},
{
"binary_name": "linux-intel-iot-realtime-tools-host",
"binary_version": "5.15.0-1073.75"
},
{
"binary_name": "linux-modules-5.15.0-1073-intel-iot-realtime",
"binary_version": "5.15.0-1073.75"
},
{
"binary_name": "linux-modules-extra-5.15.0-1073-intel-iot-realtime",
"binary_version": "5.15.0-1073.75"
},
{
"binary_name": "linux-tools-5.15.0-1073-intel-iot-realtime",
"binary_version": "5.15.0-1073.75"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-intel-iot-realtime",
"purl": "pkg:deb/ubuntu/linux-intel-iot-realtime@5.15.0-1073.75?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-1073.75"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-1032-realtime",
"binary_version": "5.15.0-1032.35"
},
{
"binary_name": "linux-cloud-tools-5.15.0-1032-realtime",
"binary_version": "5.15.0-1032.35"
},
{
"binary_name": "linux-headers-5.15.0-1032-realtime",
"binary_version": "5.15.0-1032.35"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1032-realtime",
"binary_version": "5.15.0-1032.35"
},
{
"binary_name": "linux-modules-5.15.0-1032-realtime",
"binary_version": "5.15.0-1032.35"
},
{
"binary_name": "linux-modules-extra-5.15.0-1032-realtime",
"binary_version": "5.15.0-1032.35"
},
{
"binary_name": "linux-realtime-cloud-tools-5.15.0-1032",
"binary_version": "5.15.0-1032.35"
},
{
"binary_name": "linux-realtime-cloud-tools-common",
"binary_version": "5.15.0-1032.35"
},
{
"binary_name": "linux-realtime-headers-5.15.0-1032",
"binary_version": "5.15.0-1032.35"
},
{
"binary_name": "linux-realtime-tools-5.15.0-1032",
"binary_version": "5.15.0-1032.35"
},
{
"binary_name": "linux-realtime-tools-common",
"binary_version": "5.15.0-1032.35"
},
{
"binary_name": "linux-realtime-tools-host",
"binary_version": "5.15.0-1032.35"
},
{
"binary_name": "linux-tools-5.15.0-1032-realtime",
"binary_version": "5.15.0-1032.35"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-realtime",
"purl": "pkg:deb/ubuntu/linux-realtime@5.15.0-1032.35?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-1032.35"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-1028-generic",
"binary_version": "5.15.0-1028.32"
},
{
"binary_name": "linux-headers-5.15.0-1028-generic",
"binary_version": "5.15.0-1028.32"
},
{
"binary_name": "linux-image-5.15.0-1028-generic",
"binary_version": "5.15.0-1028.32"
},
{
"binary_name": "linux-modules-5.15.0-1028-generic",
"binary_version": "5.15.0-1028.32"
},
{
"binary_name": "linux-modules-extra-5.15.0-1028-generic",
"binary_version": "5.15.0-1028.32"
},
{
"binary_name": "linux-riscv-headers-5.15.0-1028",
"binary_version": "5.15.0-1028.32"
},
{
"binary_name": "linux-riscv-tools-5.15.0-1028",
"binary_version": "5.15.0-1028.32"
},
{
"binary_name": "linux-tools-5.15.0-1028-generic",
"binary_version": "5.15.0-1028.32"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-riscv",
"purl": "pkg:deb/ubuntu/linux-riscv@5.15.0-1028.32?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.13.0-1004.4",
"5.13.0-1006.6+22.04.1",
"5.13.0-1007.7+22.04.1",
"5.13.0-1010.11+22.04.1",
"5.15.0-1004.4",
"5.15.0-1005.5",
"5.15.0-1006.6",
"5.15.0-1007.7",
"5.15.0-1008.8",
"5.15.0-1011.12",
"5.15.0-1012.13",
"5.15.0-1014.16",
"5.15.0-1015.17",
"5.15.0-1016.18",
"5.15.0-1017.19",
"5.15.0-1018.21",
"5.15.0-1019.22",
"5.15.0-1020.23",
"5.15.0-1022.26",
"5.15.0-1023.27",
"5.15.0-1026.30",
"5.15.0-1027.31",
"5.15.0-1028.32"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.8.0-2019-raspi-realtime",
"binary_version": "6.8.0-2019.20"
},
{
"binary_name": "linux-headers-6.8.0-2019-raspi-realtime",
"binary_version": "6.8.0-2019.20"
},
{
"binary_name": "linux-image-6.8.0-2019-raspi-realtime",
"binary_version": "6.8.0-2019.20"
},
{
"binary_name": "linux-modules-6.8.0-2019-raspi-realtime",
"binary_version": "6.8.0-2019.20"
},
{
"binary_name": "linux-raspi-realtime-headers-6.8.0-2019",
"binary_version": "6.8.0-2019.20"
},
{
"binary_name": "linux-raspi-realtime-tools-6.8.0-2019",
"binary_version": "6.8.0-2019.20"
},
{
"binary_name": "linux-tools-6.8.0-2019-raspi-realtime",
"binary_version": "6.8.0-2019.20"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-raspi-realtime",
"purl": "pkg:deb/ubuntu/linux-raspi-realtime@6.8.0-2019.20?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.8.0-2019.20"
]
}
],
"aliases": [],
"details": "The init_new_context function in arch/x86/include/asm/mmu_context.h in the Linux kernel before 4.12.10 does not correctly handle errors from LDT table allocation when forking a new process, allowing a local attacker to achieve a use-after-free or possibly have unspecified other impact by running a specially crafted program. This vulnerability only affected kernels built with CONFIG_MODIFY_LDT_SYSCALL=y.",
"id": "UBUNTU-CVE-2017-17053",
"modified": "2025-10-24T04:46:37Z",
"published": "2017-11-29T03:29:00Z",
"references": [
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2017-17053"
},
{
"type": "REPORT",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccd5b3235180eef3cfec337df1c8554ab151b5cc"
},
{
"type": "REPORT",
"url": "https://github.com/torvalds/linux/commit/ccd5b3235180eef3cfec337df1c8554ab151b5cc"
},
{
"type": "REPORT",
"url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.10"
},
{
"type": "REPORT",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17053"
}
],
"related": [],
"schema_version": "1.7.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"upstream": [
"CVE-2017-17053"
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.