csaf_suse - suse-su-2017:2770-1

SUSE-SU-2017:2770-1

Vulnerability from csaf_suse - Published: 2017-10-19 05:28 - Updated: 2017-10-19 05:28

Summary

Security update for Linux Kernel Live Patch 23 for SLE 12

Notes

Title of the patch

Security update for Linux Kernel Live Patch 23 for SLE 12

Description of the patch

This update for the Linux Kernel 3.12.61-52_80 fixes one issue. The following security bugs were fixed: - CVE-2017-15274: security/keys/keyctl.c in the Linux kernel did not consider the case of a NULL payload in conjunction with a nonzero length value, which allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call (bsc#1045327). - CVE-2017-1000251: The native Bluetooth stack in the Linux Kernel (BlueZ) was vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space (bsc#1057950).

Patchnames

SUSE-SLE-SERVER-12-2017-1712

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for Linux Kernel Live Patch 23 for SLE 12",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for the Linux Kernel 3.12.61-52_80 fixes one issue.\n\nThe following security bugs were fixed:\n\n- CVE-2017-15274: security/keys/keyctl.c in the Linux kernel did not consider the case of a NULL payload in conjunction with a nonzero length value, which allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call (bsc#1045327).\n- CVE-2017-1000251: The native Bluetooth stack in the Linux Kernel (BlueZ) was vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space (bsc#1057950).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-SERVER-12-2017-1712",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_2770-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2017:2770-1",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172770-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2017:2770-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2017-October/003307.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1045327",
        "url": "https://bugzilla.suse.com/1045327"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1057950",
        "url": "https://bugzilla.suse.com/1057950"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-1000251 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-1000251/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-15274 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-15274/"
      }
    ],
    "title": "Security update for Linux Kernel Live Patch 23 for SLE 12",
    "tracking": {
      "current_release_date": "2017-10-19T05:28:01Z",
      "generator": {
        "date": "2017-10-19T05:28:01Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2017:2770-1",
      "initial_release_date": "2017-10-19T05:28:01Z",
      "revision_history": [
        {
          "date": "2017-10-19T05:28:01Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kgraft-patch-3_12_61-52_80-default-4-4.1.x86_64",
                "product": {
                  "name": "kgraft-patch-3_12_61-52_80-default-4-4.1.x86_64",
                  "product_id": "kgraft-patch-3_12_61-52_80-default-4-4.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kgraft-patch-3_12_61-52_80-xen-4-4.1.x86_64",
                "product": {
                  "name": "kgraft-patch-3_12_61-52_80-xen-4-4.1.x86_64",
                  "product_id": "kgraft-patch-3_12_61-52_80-xen-4-4.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 12-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 12-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 12-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:12"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_61-52_80-default-4-4.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_80-default-4-4.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_61-52_80-default-4-4.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_61-52_80-xen-4-4.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_80-xen-4-4.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_61-52_80-xen-4-4.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-1000251",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-1000251"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_80-default-4-4.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_80-xen-4-4.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-1000251",
          "url": "https://www.suse.com/security/cve/CVE-2017-1000251"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1057389 for CVE-2017-1000251",
          "url": "https://bugzilla.suse.com/1057389"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1057950 for CVE-2017-1000251",
          "url": "https://bugzilla.suse.com/1057950"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1070535 for CVE-2017-1000251",
          "url": "https://bugzilla.suse.com/1070535"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1072117 for CVE-2017-1000251",
          "url": "https://bugzilla.suse.com/1072117"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1072162 for CVE-2017-1000251",
          "url": "https://bugzilla.suse.com/1072162"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1120758 for CVE-2017-1000251",
          "url": "https://bugzilla.suse.com/1120758"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_80-default-4-4.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_80-xen-4-4.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_80-default-4-4.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_80-xen-4-4.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-10-19T05:28:01Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-1000251"
    },
    {
      "cve": "CVE-2017-15274",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-15274"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length value, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_80-default-4-4.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_80-xen-4-4.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-15274",
          "url": "https://www.suse.com/security/cve/CVE-2017-15274"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1045327 for CVE-2017-15274",
          "url": "https://bugzilla.suse.com/1045327"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1062471 for CVE-2017-15274",
          "url": "https://bugzilla.suse.com/1062471"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_80-default-4-4.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_80-xen-4-4.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_80-default-4-4.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_80-xen-4-4.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-10-19T05:28:01Z",
          "details": "low"
        }
      ],
      "title": "CVE-2017-15274"
    }
  ]
}

CVE-2017-1000251 (GCVE-0-2017-1000251)

Vulnerability from cvelistv5 – Published: 2017-09-12 17:00 – Updated: 2024-08-05 22:00

Summary

The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://access.redhat.com/errata/RHSA-2017:2732	vendor-advisoryx_refsource_REDHAT
	https://www.exploit-db.com/exploits/42762/	exploitx_refsource_EXPLOIT-DB
	https://access.redhat.com/errata/RHSA-2017:2705	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:2683	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:2704	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:2682	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/security/vulnerabilitie…	x_refsource_CONFIRM
	https://www.armis.com/blueborne	x_refsource_MISC
	http://www.securitytracker.com/id/1039373	vdb-entryx_refsource_SECTRACK
	https://access.redhat.com/errata/RHSA-2017:2731	vendor-advisoryx_refsource_REDHAT
	http://www.debian.org/security/2017/dsa-3981	vendor-advisoryx_refsource_DEBIAN
	https://access.redhat.com/errata/RHSA-2017:2706	vendor-advisoryx_refsource_REDHAT
	https://www.synology.com/support/security/Synolog…	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/f2fcfcd6…	x_refsource_MISC
	http://nvidia.custhelp.com/app/answers/detail/a_id/4561	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/100809	vdb-entryx_refsource_BID
	https://www.kb.cert.org/vuls/id/240311	third-party-advisoryx_refsource_CERT-VN
	https://access.redhat.com/errata/RHSA-2017:2681	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:2679	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:2680	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:2707	vendor-advisoryx_refsource_REDHAT

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T22:00:39.937Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2017:2732",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2732"
          },
          {
            "name": "42762",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/42762/"
          },
          {
            "name": "RHSA-2017:2705",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2705"
          },
          {
            "name": "RHSA-2017:2683",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2683"
          },
          {
            "name": "RHSA-2017:2704",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2704"
          },
          {
            "name": "RHSA-2017:2682",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2682"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/vulnerabilities/blueborne"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.armis.com/blueborne"
          },
          {
            "name": "1039373",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039373"
          },
          {
            "name": "RHSA-2017:2731",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2731"
          },
          {
            "name": "DSA-3981",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3981"
          },
          {
            "name": "RHSA-2017:2706",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2706"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.synology.com/support/security/Synology_SA_17_52_BlueBorne"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/f2fcfcd670257236ebf2088bbdf26f6a8ef459fe"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
          },
          {
            "name": "100809",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100809"
          },
          {
            "name": "VU#240311",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/240311"
          },
          {
            "name": "RHSA-2017:2681",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2681"
          },
          {
            "name": "RHSA-2017:2679",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2679"
          },
          {
            "name": "RHSA-2017:2680",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2680"
          },
          {
            "name": "RHSA-2017:2707",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2707"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "dateAssigned": "2017-09-08T00:00:00",
      "datePublic": "2017-09-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-02-16T10:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2017:2732",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2732"
        },
        {
          "name": "42762",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/42762/"
        },
        {
          "name": "RHSA-2017:2705",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2705"
        },
        {
          "name": "RHSA-2017:2683",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2683"
        },
        {
          "name": "RHSA-2017:2704",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2704"
        },
        {
          "name": "RHSA-2017:2682",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2682"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/security/vulnerabilities/blueborne"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.armis.com/blueborne"
        },
        {
          "name": "1039373",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039373"
        },
        {
          "name": "RHSA-2017:2731",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2731"
        },
        {
          "name": "DSA-3981",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3981"
        },
        {
          "name": "RHSA-2017:2706",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2706"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.synology.com/support/security/Synology_SA_17_52_BlueBorne"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/torvalds/linux/commit/f2fcfcd670257236ebf2088bbdf26f6a8ef459fe"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
        },
        {
          "name": "100809",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100809"
        },
        {
          "name": "VU#240311",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "https://www.kb.cert.org/vuls/id/240311"
        },
        {
          "name": "RHSA-2017:2681",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2681"
        },
        {
          "name": "RHSA-2017:2679",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2679"
        },
        {
          "name": "RHSA-2017:2680",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2680"
        },
        {
          "name": "RHSA-2017:2707",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2707"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "DATE_ASSIGNED": "2017-09-08",
          "ID": "CVE-2017-1000251",
          "REQUESTER": "security@armis.com",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2017:2732",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2732"
            },
            {
              "name": "42762",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/42762/"
            },
            {
              "name": "RHSA-2017:2705",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2705"
            },
            {
              "name": "RHSA-2017:2683",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2683"
            },
            {
              "name": "RHSA-2017:2704",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2704"
            },
            {
              "name": "RHSA-2017:2682",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2682"
            },
            {
              "name": "https://access.redhat.com/security/vulnerabilities/blueborne",
              "refsource": "CONFIRM",
              "url": "https://access.redhat.com/security/vulnerabilities/blueborne"
            },
            {
              "name": "https://www.armis.com/blueborne",
              "refsource": "MISC",
              "url": "https://www.armis.com/blueborne"
            },
            {
              "name": "1039373",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039373"
            },
            {
              "name": "RHSA-2017:2731",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2731"
            },
            {
              "name": "DSA-3981",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3981"
            },
            {
              "name": "RHSA-2017:2706",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2706"
            },
            {
              "name": "https://www.synology.com/support/security/Synology_SA_17_52_BlueBorne",
              "refsource": "CONFIRM",
              "url": "https://www.synology.com/support/security/Synology_SA_17_52_BlueBorne"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/f2fcfcd670257236ebf2088bbdf26f6a8ef459fe",
              "refsource": "MISC",
              "url": "https://github.com/torvalds/linux/commit/f2fcfcd670257236ebf2088bbdf26f6a8ef459fe"
            },
            {
              "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
              "refsource": "CONFIRM",
              "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
            },
            {
              "name": "100809",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100809"
            },
            {
              "name": "VU#240311",
              "refsource": "CERT-VN",
              "url": "https://www.kb.cert.org/vuls/id/240311"
            },
            {
              "name": "RHSA-2017:2681",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2681"
            },
            {
              "name": "RHSA-2017:2679",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2679"
            },
            {
              "name": "RHSA-2017:2680",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2680"
            },
            {
              "name": "RHSA-2017:2707",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2707"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-1000251",
    "datePublished": "2017-09-12T17:00:00",
    "dateReserved": "2017-09-12T00:00:00",
    "dateUpdated": "2024-08-05T22:00:39.937Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-15274 (GCVE-0-2017-15274)

Vulnerability from cvelistv5 – Published: 2017-10-12 00:00 – Updated: 2024-08-05 19:50

Summary

security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length value, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://github.com/torvalds/linux/commit/5649645d…	x_refsource_CONFIRM
	https://patchwork.kernel.org/patch/9781573/	x_refsource_CONFIRM
	https://usn.ubuntu.com/3583-2/	vendor-advisoryx_refsource_UBUNTU
	http://www.kernel.org/pub/linux/kernel/v4.x/Chang…	x_refsource_CONFIRM
	https://usn.ubuntu.com/3583-1/	vendor-advisoryx_refsource_UBUNTU
	http://www.securityfocus.com/bid/101292	vdb-entryx_refsource_BID
	https://bugzilla.suse.com/show_bug.cgi?id=1045327	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torva…	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2019:1946	vendor-advisoryx_refsource_REDHAT

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:50:16.470Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/5649645d725c73df4302428ee4e02c869248b4c5"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://patchwork.kernel.org/patch/9781573/"
          },
          {
            "name": "USN-3583-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3583-2/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.5"
          },
          {
            "name": "USN-3583-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3583-1/"
          },
          {
            "name": "101292",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/101292"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1045327"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5649645d725c73df4302428ee4e02c869248b4c5"
          },
          {
            "name": "RHSA-2019:1946",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1946"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-10-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length value, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-07-30T12:06:06",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/5649645d725c73df4302428ee4e02c869248b4c5"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://patchwork.kernel.org/patch/9781573/"
        },
        {
          "name": "USN-3583-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3583-2/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.5"
        },
        {
          "name": "USN-3583-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3583-1/"
        },
        {
          "name": "101292",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/101292"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1045327"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5649645d725c73df4302428ee4e02c869248b4c5"
        },
        {
          "name": "RHSA-2019:1946",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1946"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-15274",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length value, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/torvalds/linux/commit/5649645d725c73df4302428ee4e02c869248b4c5",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/5649645d725c73df4302428ee4e02c869248b4c5"
            },
            {
              "name": "https://patchwork.kernel.org/patch/9781573/",
              "refsource": "CONFIRM",
              "url": "https://patchwork.kernel.org/patch/9781573/"
            },
            {
              "name": "USN-3583-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3583-2/"
            },
            {
              "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.5",
              "refsource": "CONFIRM",
              "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.5"
            },
            {
              "name": "USN-3583-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3583-1/"
            },
            {
              "name": "101292",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/101292"
            },
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1045327",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1045327"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5649645d725c73df4302428ee4e02c869248b4c5",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5649645d725c73df4302428ee4e02c869248b4c5"
            },
            {
              "name": "RHSA-2019:1946",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1946"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-15274",
    "datePublished": "2017-10-12T00:00:00",
    "dateReserved": "2017-10-11T00:00:00",
    "dateUpdated": "2024-08-05T19:50:16.470Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

SUSE-SU-2017:2770-1

CVE-2017-1000251 (GCVE-0-2017-1000251)

CVE-2017-15274 (GCVE-0-2017-15274)

Tags

Sightings

Nomenclature