Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2017-AVI-203
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans Google Android (Nexus). Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Google Android (Nexus) toutes versions n'intégrant pas le correctif de sécurité du 5 juillet 2017
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eGoogle Android (Nexus) toutes versions n\u0027int\u00e9grant pas le correctif de s\u00e9curit\u00e9 du 5 juillet 2017\u003c/P\u003e",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2015-9039",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9039"
},
{
"name": "CVE-2015-9040",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9040"
},
{
"name": "CVE-2015-9036",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9036"
},
{
"name": "CVE-2015-9055",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9055"
},
{
"name": "CVE-2017-8268",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8268"
},
{
"name": "CVE-2017-0685",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0685"
},
{
"name": "CVE-2017-0709",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0709"
},
{
"name": "CVE-2017-0694",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0694"
},
{
"name": "CVE-2017-0700",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0700"
},
{
"name": "CVE-2015-9044",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9044"
},
{
"name": "CVE-2015-9037",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9037"
},
{
"name": "CVE-2016-10346",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10346"
},
{
"name": "CVE-2017-8271",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8271"
},
{
"name": "CVE-2017-0673",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0673"
},
{
"name": "CVE-2017-0689",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0689"
},
{
"name": "CVE-2015-9072",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9072"
},
{
"name": "CVE-2017-0708",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0708"
},
{
"name": "CVE-2017-0682",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0682"
},
{
"name": "CVE-2017-7308",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7308"
},
{
"name": "CVE-2016-10344",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10344"
},
{
"name": "CVE-2015-9038",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9038"
},
{
"name": "CVE-2015-9067",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9067"
},
{
"name": "CVE-2017-0681",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0681"
},
{
"name": "CVE-2015-9068",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9068"
},
{
"name": "CVE-2015-9050",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9050"
},
{
"name": "CVE-2014-9411",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9411"
},
{
"name": "CVE-2015-9062",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9062"
},
{
"name": "CVE-2017-8246",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8246"
},
{
"name": "CVE-2015-9049",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9049"
},
{
"name": "CVE-2014-9978",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9978"
},
{
"name": "CVE-2017-8257",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8257"
},
{
"name": "CVE-2015-5707",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5707"
},
{
"name": "CVE-2017-0699",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0699"
},
{
"name": "CVE-2017-0690",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0690"
},
{
"name": "CVE-2017-8261",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8261"
},
{
"name": "CVE-2017-0698",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0698"
},
{
"name": "CVE-2017-0668",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0668"
},
{
"name": "CVE-2015-9048",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9048"
},
{
"name": "CVE-2017-0693",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0693"
},
{
"name": "CVE-2017-0680",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0680"
},
{
"name": "CVE-2017-0702",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0702"
},
{
"name": "CVE-2017-8255",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8255"
},
{
"name": "CVE-2017-0688",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0688"
},
{
"name": "CVE-2017-5970",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5970"
},
{
"name": "CVE-2017-8260",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8260"
},
{
"name": "CVE-2014-9975",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9975"
},
{
"name": "CVE-2017-0674",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0674"
},
{
"name": "CVE-2017-0704",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0704"
},
{
"name": "CVE-2015-9046",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9046"
},
{
"name": "CVE-2017-8256",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8256"
},
{
"name": "CVE-2015-9061",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9061"
},
{
"name": "CVE-2017-3544",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3544"
},
{
"name": "CVE-2016-10347",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10347"
},
{
"name": "CVE-2017-9417",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9417"
},
{
"name": "CVE-2017-0683",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0683"
},
{
"name": "CVE-2014-9979",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9979"
},
{
"name": "CVE-2017-8265",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8265"
},
{
"name": "CVE-2015-0575",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0575"
},
{
"name": "CVE-2015-9035",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9035"
},
{
"name": "CVE-2014-9974",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9974"
},
{
"name": "CVE-2016-5872",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5872"
},
{
"name": "CVE-2017-0667",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0667"
},
{
"name": "CVE-2016-5863",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5863"
},
{
"name": "CVE-2017-0675",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0675"
},
{
"name": "CVE-2015-9042",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9042"
},
{
"name": "CVE-2016-10391",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10391"
},
{
"name": "CVE-2017-0340",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0340"
},
{
"name": "CVE-2017-0710",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0710"
},
{
"name": "CVE-2017-8272",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8272"
},
{
"name": "CVE-2014-9968",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9968"
},
{
"name": "CVE-2015-9041",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9041"
},
{
"name": "CVE-2017-8263",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8263"
},
{
"name": "CVE-2017-0706",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0706"
},
{
"name": "CVE-2015-9070",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9070"
},
{
"name": "CVE-2015-9071",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9071"
},
{
"name": "CVE-2014-9973",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9973"
},
{
"name": "CVE-2017-6074",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6074"
},
{
"name": "CVE-2015-8596",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8596"
},
{
"name": "CVE-2014-9980",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9980"
},
{
"name": "CVE-2017-8270",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8270"
},
{
"name": "CVE-2017-8267",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8267"
},
{
"name": "CVE-2017-0676",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0676"
},
{
"name": "CVE-2017-0672",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0672"
},
{
"name": "CVE-2017-8243",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8243"
},
{
"name": "CVE-2017-8266",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8266"
},
{
"name": "CVE-2017-0679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0679"
},
{
"name": "CVE-2017-0697",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0697"
},
{
"name": "CVE-2015-8595",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8595"
},
{
"name": "CVE-2017-0666",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0666"
},
{
"name": "CVE-2017-8273",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8273"
},
{
"name": "CVE-2017-0691",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0691"
},
{
"name": "CVE-2015-9051",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9051"
},
{
"name": "CVE-2016-10389",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10389"
},
{
"name": "CVE-2015-9054",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9054"
},
{
"name": "CVE-2017-0671",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0671"
},
{
"name": "CVE-2016-10383",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10383"
},
{
"name": "CVE-2017-8259",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8259"
},
{
"name": "CVE-2015-9043",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9043"
},
{
"name": "CVE-2017-0695",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0695"
},
{
"name": "CVE-2017-0696",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0696"
},
{
"name": "CVE-2017-0326",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0326"
},
{
"name": "CVE-2015-9045",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9045"
},
{
"name": "CVE-2017-8254",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8254"
},
{
"name": "CVE-2015-9060",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9060"
},
{
"name": "CVE-2017-0686",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0686"
},
{
"name": "CVE-2014-9731",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9731"
},
{
"name": "CVE-2015-9052",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9052"
},
{
"name": "CVE-2017-0711",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0711"
},
{
"name": "CVE-2016-10388",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10388"
},
{
"name": "CVE-2017-0669",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0669"
},
{
"name": "CVE-2017-0684",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0684"
},
{
"name": "CVE-2016-10343",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10343"
},
{
"name": "CVE-2017-0707",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0707"
},
{
"name": "CVE-2017-0701",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0701"
},
{
"name": "CVE-2017-0692",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0692"
},
{
"name": "CVE-2017-8253",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8253"
},
{
"name": "CVE-2017-0677",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0677"
},
{
"name": "CVE-2014-9977",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9977"
},
{
"name": "CVE-2017-0705",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0705"
},
{
"name": "CVE-2015-9047",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9047"
},
{
"name": "CVE-2015-9069",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9069"
},
{
"name": "CVE-2015-9053",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9053"
},
{
"name": "CVE-2016-2109",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2109"
},
{
"name": "CVE-2015-9073",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9073"
},
{
"name": "CVE-2017-8269",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8269"
},
{
"name": "CVE-2017-0540",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0540"
},
{
"name": "CVE-2017-8258",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8258"
},
{
"name": "CVE-2015-8592",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8592"
},
{
"name": "CVE-2017-0664",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0664"
},
{
"name": "CVE-2015-9034",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9034"
},
{
"name": "CVE-2017-0665",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0665"
},
{
"name": "CVE-2016-10382",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10382"
},
{
"name": "CVE-2017-8264",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8264"
},
{
"name": "CVE-2017-8262",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8262"
},
{
"name": "CVE-2017-0670",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0670"
},
{
"name": "CVE-2016-5871",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5871"
},
{
"name": "CVE-2017-0678",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0678"
}
],
"links": [],
"reference": "CERTFR-2017-AVI-203",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2017-07-06T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eGoogle Android (Nexus)\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service et une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Google Android (Nexus)",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Android du 05 juillet 2017",
"url": "https://source.android.com/security/bulletin/2017-07-01"
}
]
}
CVE-2017-5970 (GCVE-0-2017-5970)
Vulnerability from cvelistv5 – Published: 2017-02-14 06:30 – Updated: 2024-08-05 15:18
VLAI
EPSS
VEX
Summary
The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| https://patchwork.ozlabs.org/patch/724136/ | x_refsource_CONFIRM |
| http://git.kernel.org/cgit/linux/kernel/git/torva… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2017/02/12/3 | mailing-listx_refsource_MLIST |
| https://source.android.com/security/bulletin/2017-07-01 | x_refsource_CONFIRM |
| https://access.redhat.com/errata/RHSA-2017:2669 | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/96233 | vdb-entryx_refsource_BID |
| https://access.redhat.com/errata/RHSA-2017:2077 | vendor-advisoryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=1421638 | x_refsource_CONFIRM |
| https://access.redhat.com/errata/RHSA-2017:1842 | vendor-advisoryx_refsource_REDHAT |
| https://github.com/torvalds/linux/commit/34b2cef2… | x_refsource_CONFIRM |
| http://www.debian.org/security/2017/dsa-3791 | vendor-advisoryx_refsource_DEBIAN |
Date Public
2017-02-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:18:48.868Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://patchwork.ozlabs.org/patch/724136/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34b2cef20f19c87999fff3da4071e66937db9644"
},
{
"name": "[oss-security] 20170212 Fwd: [scr293903] Linux kernel - upstream",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/02/12/3"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "RHSA-2017:2669",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2669"
},
{
"name": "96233",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96233"
},
{
"name": "RHSA-2017:2077",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2077"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1421638"
},
{
"name": "RHSA-2017:1842",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1842"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/34b2cef20f19c87999fff3da4071e66937db9644"
},
{
"name": "DSA-3791",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3791"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-02-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://patchwork.ozlabs.org/patch/724136/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34b2cef20f19c87999fff3da4071e66937db9644"
},
{
"name": "[oss-security] 20170212 Fwd: [scr293903] Linux kernel - upstream",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2017/02/12/3"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "RHSA-2017:2669",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2669"
},
{
"name": "96233",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96233"
},
{
"name": "RHSA-2017:2077",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2077"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1421638"
},
{
"name": "RHSA-2017:1842",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1842"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/34b2cef20f19c87999fff3da4071e66937db9644"
},
{
"name": "DSA-3791",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3791"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5970",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://patchwork.ozlabs.org/patch/724136/",
"refsource": "CONFIRM",
"url": "https://patchwork.ozlabs.org/patch/724136/"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34b2cef20f19c87999fff3da4071e66937db9644",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34b2cef20f19c87999fff3da4071e66937db9644"
},
{
"name": "[oss-security] 20170212 Fwd: [scr293903] Linux kernel - upstream",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/02/12/3"
},
{
"name": "https://source.android.com/security/bulletin/2017-07-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "RHSA-2017:2669",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2669"
},
{
"name": "96233",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96233"
},
{
"name": "RHSA-2017:2077",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2077"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1421638",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1421638"
},
{
"name": "RHSA-2017:1842",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1842"
},
{
"name": "https://github.com/torvalds/linux/commit/34b2cef20f19c87999fff3da4071e66937db9644",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/34b2cef20f19c87999fff3da4071e66937db9644"
},
{
"name": "DSA-3791",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3791"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-5970",
"datePublished": "2017-02-14T06:30:00.000Z",
"dateReserved": "2017-02-12T00:00:00.000Z",
"dateUpdated": "2024-08-05T15:18:48.868Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-6074 (GCVE-0-2017-6074)
Vulnerability from cvelistv5 – Published: 2017-02-18 21:40 – Updated: 2024-08-05 15:18
VLAI
EPSS
VEX
Summary
The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
25 references
Date Public
2017-02-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:18:49.675Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:0323",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0323.html"
},
{
"name": "RHSA-2017:0324",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0324.html"
},
{
"name": "RHSA-2017:0365",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0365.html"
},
{
"name": "RHSA-2017:0347",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0347.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name": "RHSA-2017:1209",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1209"
},
{
"name": "[oss-security] 20170222 Linux kernel: CVE-2017-6074: DCCP double-free vulnerability (local root)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/02/22/3"
},
{
"name": "RHSA-2017:0501",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0501.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "RHSA-2017:0932",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0932"
},
{
"name": "1037876",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037876"
},
{
"name": "RHSA-2017:0316",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0316.html"
},
{
"name": "RHSA-2017:0294",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0294.html"
},
{
"name": "RHSA-2017:0295",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0295.html"
},
{
"name": "RHSA-2017:0366",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0366.html"
},
{
"name": "RHSA-2017:0346",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0346.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/5edabca9d4cff7f1f2b68f0bac55ef99d9798ba4"
},
{
"name": "RHSA-2017:0403",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0403.html"
},
{
"name": "DSA-3791",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3791"
},
{
"name": "RHSA-2017:0293",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0293.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2017-07"
},
{
"name": "96310",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96310"
},
{
"name": "41457",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/41457/"
},
{
"name": "41458",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/41458/"
},
{
"name": "RHSA-2017:0345",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0345.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-02-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-18T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2017:0323",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0323.html"
},
{
"name": "RHSA-2017:0324",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0324.html"
},
{
"name": "RHSA-2017:0365",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0365.html"
},
{
"name": "RHSA-2017:0347",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0347.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name": "RHSA-2017:1209",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1209"
},
{
"name": "[oss-security] 20170222 Linux kernel: CVE-2017-6074: DCCP double-free vulnerability (local root)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2017/02/22/3"
},
{
"name": "RHSA-2017:0501",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0501.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "RHSA-2017:0932",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0932"
},
{
"name": "1037876",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037876"
},
{
"name": "RHSA-2017:0316",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0316.html"
},
{
"name": "RHSA-2017:0294",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0294.html"
},
{
"name": "RHSA-2017:0295",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0295.html"
},
{
"name": "RHSA-2017:0366",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0366.html"
},
{
"name": "RHSA-2017:0346",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0346.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/5edabca9d4cff7f1f2b68f0bac55ef99d9798ba4"
},
{
"name": "RHSA-2017:0403",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0403.html"
},
{
"name": "DSA-3791",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3791"
},
{
"name": "RHSA-2017:0293",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0293.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.tenable.com/security/tns-2017-07"
},
{
"name": "96310",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96310"
},
{
"name": "41457",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/41457/"
},
{
"name": "41458",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/41458/"
},
{
"name": "RHSA-2017:0345",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0345.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-6074",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:0323",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0323.html"
},
{
"name": "RHSA-2017:0324",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0324.html"
},
{
"name": "RHSA-2017:0365",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0365.html"
},
{
"name": "RHSA-2017:0347",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0347.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name": "RHSA-2017:1209",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1209"
},
{
"name": "[oss-security] 20170222 Linux kernel: CVE-2017-6074: DCCP double-free vulnerability (local root)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/02/22/3"
},
{
"name": "RHSA-2017:0501",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0501.html"
},
{
"name": "https://source.android.com/security/bulletin/2017-07-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "RHSA-2017:0932",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:0932"
},
{
"name": "1037876",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037876"
},
{
"name": "RHSA-2017:0316",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0316.html"
},
{
"name": "RHSA-2017:0294",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0294.html"
},
{
"name": "RHSA-2017:0295",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0295.html"
},
{
"name": "RHSA-2017:0366",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0366.html"
},
{
"name": "RHSA-2017:0346",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0346.html"
},
{
"name": "https://github.com/torvalds/linux/commit/5edabca9d4cff7f1f2b68f0bac55ef99d9798ba4",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/5edabca9d4cff7f1f2b68f0bac55ef99d9798ba4"
},
{
"name": "RHSA-2017:0403",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0403.html"
},
{
"name": "DSA-3791",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3791"
},
{
"name": "RHSA-2017:0293",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0293.html"
},
{
"name": "https://www.tenable.com/security/tns-2017-07",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2017-07"
},
{
"name": "96310",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96310"
},
{
"name": "41457",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/41457/"
},
{
"name": "41458",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/41458/"
},
{
"name": "RHSA-2017:0345",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0345.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-6074",
"datePublished": "2017-02-18T21:40:00.000Z",
"dateReserved": "2017-02-17T00:00:00.000Z",
"dateUpdated": "2024-08-05T15:18:49.675Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-7308 (GCVE-0-2017-7308)
Vulnerability from cvelistv5 – Published: 2017-03-29 20:00 – Updated: 2024-08-05 15:56
VLAI
EPSS
VEX
Summary
The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
12 references
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2017:1308 | vendor-advisoryx_refsource_REDHAT |
| https://googleprojectzero.blogspot.com/2017/05/ex… | x_refsource_MISC |
| https://source.android.com/security/bulletin/2017-07-01 | x_refsource_CONFIRM |
| https://access.redhat.com/errata/RHSA-2018:1854 | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/97234 | vdb-entryx_refsource_BID |
| https://patchwork.ozlabs.org/patch/744812/ | x_refsource_CONFIRM |
| https://www.exploit-db.com/exploits/41994/ | exploitx_refsource_EXPLOIT-DB |
| https://patchwork.ozlabs.org/patch/744813/ | x_refsource_CONFIRM |
| https://www.exploit-db.com/exploits/44654/ | exploitx_refsource_EXPLOIT-DB |
| https://patchwork.ozlabs.org/patch/744811/ | x_refsource_CONFIRM |
| https://access.redhat.com/errata/RHSA-2017:1298 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2017:1297 | vendor-advisoryx_refsource_REDHAT |
Date Public
2017-03-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:56:36.470Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:1308",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1308"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://googleprojectzero.blogspot.com/2017/05/exploiting-linux-kernel-via-packet.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "RHSA-2018:1854",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1854"
},
{
"name": "97234",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97234"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://patchwork.ozlabs.org/patch/744812/"
},
{
"name": "41994",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/41994/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://patchwork.ozlabs.org/patch/744813/"
},
{
"name": "44654",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/44654/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://patchwork.ozlabs.org/patch/744811/"
},
{
"name": "RHSA-2017:1298",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1298"
},
{
"name": "RHSA-2017:1297",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1297"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-03-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-19T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2017:1308",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1308"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://googleprojectzero.blogspot.com/2017/05/exploiting-linux-kernel-via-packet.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "RHSA-2018:1854",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1854"
},
{
"name": "97234",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97234"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://patchwork.ozlabs.org/patch/744812/"
},
{
"name": "41994",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/41994/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://patchwork.ozlabs.org/patch/744813/"
},
{
"name": "44654",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/44654/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://patchwork.ozlabs.org/patch/744811/"
},
{
"name": "RHSA-2017:1298",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1298"
},
{
"name": "RHSA-2017:1297",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1297"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-7308",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:1308",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1308"
},
{
"name": "https://googleprojectzero.blogspot.com/2017/05/exploiting-linux-kernel-via-packet.html",
"refsource": "MISC",
"url": "https://googleprojectzero.blogspot.com/2017/05/exploiting-linux-kernel-via-packet.html"
},
{
"name": "https://source.android.com/security/bulletin/2017-07-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "RHSA-2018:1854",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1854"
},
{
"name": "97234",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97234"
},
{
"name": "https://patchwork.ozlabs.org/patch/744812/",
"refsource": "CONFIRM",
"url": "https://patchwork.ozlabs.org/patch/744812/"
},
{
"name": "41994",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/41994/"
},
{
"name": "https://patchwork.ozlabs.org/patch/744813/",
"refsource": "CONFIRM",
"url": "https://patchwork.ozlabs.org/patch/744813/"
},
{
"name": "44654",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44654/"
},
{
"name": "https://patchwork.ozlabs.org/patch/744811/",
"refsource": "CONFIRM",
"url": "https://patchwork.ozlabs.org/patch/744811/"
},
{
"name": "RHSA-2017:1298",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1298"
},
{
"name": "RHSA-2017:1297",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1297"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-7308",
"datePublished": "2017-03-29T20:00:00.000Z",
"dateReserved": "2017-03-29T00:00:00.000Z",
"dateUpdated": "2024-08-05T15:56:36.470Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-8243 (GCVE-0-2017-8243)
Vulnerability from cvelistv5 – Published: 2017-08-16 15:00 – Updated: 2024-09-16 23:06
VLAI
EPSS
VEX
Summary
A buffer overflow can occur in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android when processing a firmware image file.
Severity
No CVSS data available.
CWE
- Buffer Copy without Checking Size of Input in Kernel
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://source.android.com/security/bulletin/2017-07-01 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/99465/references | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | All Qualcomm products |
Affected:
Android for MSM, Firefox OS for MSM, QRD Android
|
Date Public
2017-05-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:27:22.985Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "99465",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99465/references"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "All Qualcomm products",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "Android for MSM, Firefox OS for MSM, QRD Android"
}
]
}
],
"datePublic": "2017-05-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow can occur in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android when processing a firmware image file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Copy without Checking Size of Input in Kernel",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T20:57:01.000Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "99465",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99465/references"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC": "2017-05-01T00:00:00",
"ID": "CVE-2017-8243",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "All Qualcomm products",
"version": {
"version_data": [
{
"version_value": "Android for MSM, Firefox OS for MSM, QRD Android"
}
]
}
}
]
},
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow can occur in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android when processing a firmware image file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Copy without Checking Size of Input in Kernel"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-07-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "99465",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99465/references"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2017-8243",
"datePublished": "2017-08-16T15:00:00.000Z",
"dateReserved": "2017-04-25T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:06:19.573Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-8246 (GCVE-0-2017-8246)
Vulnerability from cvelistv5 – Published: 2017-05-12 20:00 – Updated: 2024-08-05 16:27
VLAI
EPSS
VEX
Summary
In function msm_pcm_playback_close() in all Android releases from CAF using the Linux kernel, prtd is assigned substream->runtime->private_data. Later, prtd is freed. However, prtd is not sanitized and set to NULL, resulting in a dangling pointer. There are other functions that access the same memory (substream->runtime->private_data) with a NULL check, such as msm_pcm_volume_ctl_put(), which means this freed memory could be used.
Severity
No CVSS data available.
CWE
- Use-After-Free in ALSA PCM Playback Kernel Module (CVE-2017-8246)
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://source.android.com/security/bulletin/2017-07-01 | x_refsource_CONFIRM |
| https://www.codeaurora.org/use-after-free-alsa-pc… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | Android for MSM, Firefox OS for MSM, QRD Android |
Affected:
All Android releases from CAF using the Linux kernel
|
Date Public
2017-05-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:27:23.233Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.codeaurora.org/use-after-free-alsa-pcm-playback-kernel-module-cve-2017-8246"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Android for MSM, Firefox OS for MSM, QRD Android",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "All Android releases from CAF using the Linux kernel"
}
]
}
],
"datePublic": "2017-05-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In function msm_pcm_playback_close() in all Android releases from CAF using the Linux kernel, prtd is assigned substream-\u003eruntime-\u003eprivate_data. Later, prtd is freed. However, prtd is not sanitized and set to NULL, resulting in a dangling pointer. There are other functions that access the same memory (substream-\u003eruntime-\u003eprivate_data) with a NULL check, such as msm_pcm_volume_ctl_put(), which means this freed memory could be used."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use-After-Free in ALSA PCM Playback Kernel Module (CVE-2017-8246)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-12T15:57:01.000Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.codeaurora.org/use-after-free-alsa-pcm-playback-kernel-module-cve-2017-8246"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"ID": "CVE-2017-8246",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Android for MSM, Firefox OS for MSM, QRD Android",
"version": {
"version_data": [
{
"version_value": "All Android releases from CAF using the Linux kernel"
}
]
}
}
]
},
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In function msm_pcm_playback_close() in all Android releases from CAF using the Linux kernel, prtd is assigned substream-\u003eruntime-\u003eprivate_data. Later, prtd is freed. However, prtd is not sanitized and set to NULL, resulting in a dangling pointer. There are other functions that access the same memory (substream-\u003eruntime-\u003eprivate_data) with a NULL check, such as msm_pcm_volume_ctl_put(), which means this freed memory could be used."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use-After-Free in ALSA PCM Playback Kernel Module (CVE-2017-8246)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-07-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "https://www.codeaurora.org/use-after-free-alsa-pcm-playback-kernel-module-cve-2017-8246",
"refsource": "CONFIRM",
"url": "https://www.codeaurora.org/use-after-free-alsa-pcm-playback-kernel-module-cve-2017-8246"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2017-8246",
"datePublished": "2017-05-12T20:00:00.000Z",
"dateReserved": "2017-04-25T00:00:00.000Z",
"dateUpdated": "2024-08-05T16:27:23.233Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-8253 (GCVE-0-2017-8253)
Vulnerability from cvelistv5 – Published: 2017-08-18 18:00 – Updated: 2024-09-16 17:15
VLAI
EPSS
VEX
Summary
In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel memory can potentially be overwritten if an invalid master is sent from userspace.
Severity
No CVSS data available.
CWE
- Improper Validation of Array Index in Camera
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://source.android.com/security/bulletin/2017-07-01 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/99465 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | All Qualcomm products |
Affected:
All Android releases from CAF using the Linux kernel
|
Date Public
2017-07-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:27:23.247Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "99465",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99465"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "All Qualcomm products",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "All Android releases from CAF using the Linux kernel"
}
]
}
],
"datePublic": "2017-07-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel memory can potentially be overwritten if an invalid master is sent from userspace."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Validation of Array Index in Camera",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-19T09:57:01.000Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "99465",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99465"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC": "2017-07-01T00:00:00",
"ID": "CVE-2017-8253",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "All Qualcomm products",
"version": {
"version_data": [
{
"version_value": "All Android releases from CAF using the Linux kernel"
}
]
}
}
]
},
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel memory can potentially be overwritten if an invalid master is sent from userspace."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Validation of Array Index in Camera"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-07-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "99465",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99465"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2017-8253",
"datePublished": "2017-08-18T18:00:00.000Z",
"dateReserved": "2017-04-25T00:00:00.000Z",
"dateUpdated": "2024-09-16T17:15:16.073Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-8254 (GCVE-0-2017-8254)
Vulnerability from cvelistv5 – Published: 2017-08-18 18:00 – Updated: 2024-09-17 01:36
VLAI
EPSS
VEX
Summary
In all Qualcomm products with Android releases from CAF using the Linux kernel, an audio client pointer is dereferenced before being checked if it is valid.
Severity
No CVSS data available.
CWE
- Use After Free in Audio
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://source.android.com/security/bulletin/2017-07-01 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/99465 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | All Qualcomm products |
Affected:
All Android releases from CAF using the Linux kernel
|
Date Public
2017-07-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:27:22.996Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "99465",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99465"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "All Qualcomm products",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "All Android releases from CAF using the Linux kernel"
}
]
}
],
"datePublic": "2017-07-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In all Qualcomm products with Android releases from CAF using the Linux kernel, an audio client pointer is dereferenced before being checked if it is valid."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free in Audio",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-19T09:57:01.000Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "99465",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99465"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC": "2017-07-01T00:00:00",
"ID": "CVE-2017-8254",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "All Qualcomm products",
"version": {
"version_data": [
{
"version_value": "All Android releases from CAF using the Linux kernel"
}
]
}
}
]
},
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In all Qualcomm products with Android releases from CAF using the Linux kernel, an audio client pointer is dereferenced before being checked if it is valid."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free in Audio"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-07-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "99465",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99465"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2017-8254",
"datePublished": "2017-08-18T18:00:00.000Z",
"dateReserved": "2017-04-25T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:36:29.403Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-8255 (GCVE-0-2017-8255)
Vulnerability from cvelistv5 – Published: 2017-08-18 18:00 – Updated: 2024-09-17 02:57
VLAI
EPSS
VEX
Summary
In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in boot.
Severity
No CVSS data available.
CWE
- Integer Overflow or Wraparound in UEFI
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://source.android.com/security/bulletin/2017-07-01 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/99465 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | All Qualcomm products |
Affected:
All Android releases from CAF using the Linux kernel
|
Date Public
2017-07-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:27:22.916Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "99465",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99465"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "All Qualcomm products",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "All Android releases from CAF using the Linux kernel"
}
]
}
],
"datePublic": "2017-07-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in boot."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Integer Overflow or Wraparound in UEFI",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-19T09:57:01.000Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "99465",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99465"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC": "2017-07-01T00:00:00",
"ID": "CVE-2017-8255",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "All Qualcomm products",
"version": {
"version_data": [
{
"version_value": "All Android releases from CAF using the Linux kernel"
}
]
}
}
]
},
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in boot."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer Overflow or Wraparound in UEFI"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-07-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "99465",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99465"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2017-8255",
"datePublished": "2017-08-18T18:00:00.000Z",
"dateReserved": "2017-04-25T00:00:00.000Z",
"dateUpdated": "2024-09-17T02:57:46.420Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-8256 (GCVE-0-2017-8256)
Vulnerability from cvelistv5 – Published: 2017-08-18 18:00 – Updated: 2024-09-17 01:47
VLAI
EPSS
VEX
Summary
In all Qualcomm products with Android releases from CAF using the Linux kernel, array out of bounds access can occur if userspace sends more than 16 multicast addresses.
Severity
No CVSS data available.
CWE
- Improper Input Validation in WLAN
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://source.android.com/security/bulletin/2017-07-01 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/99465 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | All Qualcomm products |
Affected:
All Android releases from CAF using the Linux kernel
|
Date Public
2017-07-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:27:23.433Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "99465",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99465"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "All Qualcomm products",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "All Android releases from CAF using the Linux kernel"
}
]
}
],
"datePublic": "2017-07-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In all Qualcomm products with Android releases from CAF using the Linux kernel, array out of bounds access can occur if userspace sends more than 16 multicast addresses."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Input Validation in WLAN",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-19T09:57:01.000Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "99465",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99465"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC": "2017-07-01T00:00:00",
"ID": "CVE-2017-8256",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "All Qualcomm products",
"version": {
"version_data": [
{
"version_value": "All Android releases from CAF using the Linux kernel"
}
]
}
}
]
},
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In all Qualcomm products with Android releases from CAF using the Linux kernel, array out of bounds access can occur if userspace sends more than 16 multicast addresses."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Input Validation in WLAN"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-07-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "99465",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99465"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2017-8256",
"datePublished": "2017-08-18T18:00:00.000Z",
"dateReserved": "2017-04-25T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:47:03.639Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-8257 (GCVE-0-2017-8257)
Vulnerability from cvelistv5 – Published: 2017-08-18 18:00 – Updated: 2024-09-17 04:04
VLAI
EPSS
VEX
Summary
In all Qualcomm products with Android releases from CAF using the Linux kernel, when accessing the sde_rotator debug interface for register reading with multiple processes, one process can free the debug buffer while another process still has the debug buffer in use.
Severity
No CVSS data available.
CWE
- Use After Free in Display
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://source.android.com/security/bulletin/2017-07-01 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/99465 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | All Qualcomm products |
Affected:
All Android releases from CAF using the Linux kernel
|
Date Public
2017-07-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:27:23.253Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "99465",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99465"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "All Qualcomm products",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "All Android releases from CAF using the Linux kernel"
}
]
}
],
"datePublic": "2017-07-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In all Qualcomm products with Android releases from CAF using the Linux kernel, when accessing the sde_rotator debug interface for register reading with multiple processes, one process can free the debug buffer while another process still has the debug buffer in use."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free in Display",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-19T09:57:01.000Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "99465",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99465"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC": "2017-07-01T00:00:00",
"ID": "CVE-2017-8257",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "All Qualcomm products",
"version": {
"version_data": [
{
"version_value": "All Android releases from CAF using the Linux kernel"
}
]
}
}
]
},
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In all Qualcomm products with Android releases from CAF using the Linux kernel, when accessing the sde_rotator debug interface for register reading with multiple processes, one process can free the debug buffer while another process still has the debug buffer in use."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free in Display"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-07-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "99465",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99465"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2017-8257",
"datePublished": "2017-08-18T18:00:00.000Z",
"dateReserved": "2017-04-25T00:00:00.000Z",
"dateUpdated": "2024-09-17T04:04:45.712Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…