fkie_cve-2017-1000253
Vulnerability from fkie_nvd
Published
2017-10-05 01:29
Modified
2025-01-22 19:08
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm->mmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm->mmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm->mmap_base into the are that is supposed to be the "gap" between the stack and the binary.
References
cve@mitre.orghttp://www.securityfocus.com/bid/101010Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1039434Third Party Advisory, VDB Entry
cve@mitre.orghttps://access.redhat.com/errata/RHSA-2017:2793Third Party Advisory
cve@mitre.orghttps://access.redhat.com/errata/RHSA-2017:2794Third Party Advisory
cve@mitre.orghttps://access.redhat.com/errata/RHSA-2017:2795Third Party Advisory
cve@mitre.orghttps://access.redhat.com/errata/RHSA-2017:2796Third Party Advisory
cve@mitre.orghttps://access.redhat.com/errata/RHSA-2017:2797Third Party Advisory
cve@mitre.orghttps://access.redhat.com/errata/RHSA-2017:2798Third Party Advisory
cve@mitre.orghttps://access.redhat.com/errata/RHSA-2017:2799Third Party Advisory
cve@mitre.orghttps://access.redhat.com/errata/RHSA-2017:2800Third Party Advisory
cve@mitre.orghttps://access.redhat.com/errata/RHSA-2017:2801Third Party Advisory
cve@mitre.orghttps://access.redhat.com/errata/RHSA-2017:2802Third Party Advisory
cve@mitre.orghttps://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txtPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/101010Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1039434Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:2793Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:2794Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:2795Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:2796Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:2797Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:2798Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:2799Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:2800Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:2801Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:2802Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txtPatch, Third Party Advisory
Impacted products
Vendor Product Version
centos centos 6.0
centos centos 6.1
centos centos 6.2
centos centos 6.3
centos centos 6.4
centos centos 6.5
centos centos 6.6
centos centos 6.7
centos centos 6.8
centos centos 6.9
centos centos 7.1406
centos centos 7.1503
centos centos 7.1511
centos centos 7.1611
redhat enterprise_linux 6.0
redhat enterprise_linux 6.1
redhat enterprise_linux 6.2
redhat enterprise_linux 6.3
redhat enterprise_linux 6.4
redhat enterprise_linux 6.5
redhat enterprise_linux 6.6
redhat enterprise_linux 6.7
redhat enterprise_linux 6.8
redhat enterprise_linux 6.9
redhat enterprise_linux 7.0
redhat enterprise_linux 7.1
redhat enterprise_linux 7.2
redhat enterprise_linux 7.3
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *


To clipboard 

{
  "cisaActionDue": "2024-09-30",
  "cisaExploitAdd": "2024-09-09",
  "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
  "cisaVulnerabilityName": "Linux Kernel PIE Stack Buffer Corruption Vulnerability ",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:centos:centos:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED1C5E1D-21F5-46FA-89F6-A9B7E4BC94EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:centos:centos:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "455E5124-9EC1-4C73-997B-212D9DDC5949",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:centos:centos:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3652270-3566-49BF-9235-EE041EF87E63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:centos:centos:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAE1DFBF-E5FF-42B1-B58C-34C94A8AB65F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:centos:centos:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "76CA16D1-B633-4E1A-A769-1587B4DFE09C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:centos:centos:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D880E621-F60A-4EDB-B3A5-93411DDF0E36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:centos:centos:6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDA91BDF-A89A-4EE1-AED9-9523B5C1DD7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:centos:centos:6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "444146DF-7ACE-4D4A-AA39-CD17D4ADDD98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:centos:centos:6.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "48FE5EA8-A978-464D-89E1-1AD187C92D2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:centos:centos:6.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "9420109A-E62E-40F9-9B82-EF9D5431680C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:centos:centos:7.1406:*:*:*:*:*:*:*",
              "matchCriteriaId": "27A0A2BB-D332-428B-AE50-3A5EC0551C79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:centos:centos:7.1503:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE32F8A2-B456-40CF-A6C0-27B8B9096A83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:centos:centos:7.1511:*:*:*:*:*:*:*",
              "matchCriteriaId": "25459148-714C-4322-847A-FFF4D9B37EBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:centos:centos:7.1611:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EB71F04-DF1E-48CE-BC2F-3A6A47C025BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D5A165C-3721-4A87-839F-BD4F6778DA77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A1F55A9-FAAF-4751-BA6A-93CDB31B11C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9045284A-C762-4913-B5AF-8499235F969C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "905EC4D0-7604-476A-8176-9FFCEB1DC6B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "564DCCFD-77BF-4FB1-A0A0-96104B154282",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "467A831E-C63B-476F-A71F-8FB52556BC45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "84FF61DF-D634-4FB5-8DF1-01F631BE1A7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "243980B8-4044-4776-B521-F9D709E68CCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "39A7795D-CFD3-4643-A7A1-7AD7629B5511",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "266EA1B3-526F-4D12-873E-08CE3861AEA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E4DC974-235F-4655-966F-2490A4C4E490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B99A2411-7F6A-457F-A7BF-EB13C630F902",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "64B31F8B-955E-437A-BD1C-8FDBC53CA2EA",
              "versionEndExcluding": "3.2.70",
              "versionStartIncluding": "2.6.25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6548E1CE-CC24-4E01-A277-1424BE536777",
              "versionEndExcluding": "3.4.109",
              "versionStartIncluding": "3.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F018224B-768E-407A-AEA6-5CEFAC65534C",
              "versionEndExcluding": "3.10.77",
              "versionStartIncluding": "3.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3677661A-9F24-4A1D-A66A-DF9330DF6DB9",
              "versionEndExcluding": "3.12.43",
              "versionStartIncluding": "3.11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E439BE91-83E3-4795-9E2D-C174EE1B84F5",
              "versionEndExcluding": "3.14.41",
              "versionStartIncluding": "3.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DC4BA70-B111-4D2E-BC78-6601CED68F08",
              "versionEndExcluding": "3.16.35",
              "versionStartIncluding": "3.15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BB16F9A-A3E5-4CAC-905D-F60426BBAD9D",
              "versionEndExcluding": "3.18.14",
              "versionStartIncluding": "3.17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "25099C5E-E14E-44D4-8482-0F87E1A22572",
              "versionEndExcluding": "3.19.7",
              "versionStartIncluding": "3.19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB190AE4-287F-40B5-AC62-0B1E50DBE00D",
              "versionEndExcluding": "4.0.2",
              "versionStartIncluding": "4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm-\u003emmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm-\u003emmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm-\u003emmap_base into the are that is supposed to be the \"gap\" between the stack and the binary."
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad en las distribuciones de Linux que no han parcheado sus kernels de largo mantenimiento con https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (confirmada el 14 de abril de 2015). Esta vulnerabilidad en los kernels se parche\u00f3 en abril de 2015 por el commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (aplicado a Linux 3.10.77 en mayo de 2015), pero no se reconoci\u00f3 como amenaza de seguridad. Con CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE habilitado y una estrategia vertical normal de asignaci\u00f3n de direcciones, load_elf_binary() intentar\u00e1 mapear un binario PIE en un rango de direcciones inmediatamente inferior a mm-\u003emmap_base. Por desgracia, load_elf_ binary() no tiene en cuenta la necesidad de asignar el suficiente espacio para todo el binario, lo que significa que, estando el primer segmento PT_LOAD est\u00e1 mapeado bajo mm-\u003emmap_base, los siguientes segmentos PT_LOAD acaban mapeados sobre mm-\u003emmap_base en el \u00e1rea que deber\u00eda ser el \"hueco\" entre la pila y el binario."
    }
  ],
  "id": "CVE-2017-1000253",
  "lastModified": "2025-01-22T19:08:07.267",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2017-10-05T01:29:04.790",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/101010"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039434"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:2793"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:2794"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:2795"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:2796"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:2797"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:2798"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:2799"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:2800"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:2801"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:2802"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/101010"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039434"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:2793"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:2794"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:2795"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:2796"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:2797"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:2798"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:2799"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:2800"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:2801"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:2802"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.