csaf_suse - suse-su-2017:2342-1

Vulnerability from csaf_suse

Published

2017-09-04 13:37

Modified

2017-09-04 13:37

Summary

Security update for the Linux Kernel

Notes

Title of the patch

Security update for the Linux Kernel

Description of the patch

The SUSE Linux Enterprise 11 SP4 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2014-9922: The eCryptfs subsystem in the Linux kernel allowed local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c (bsc#1032340). - CVE-2015-3288: mm/memory.c in the Linux kernel mishandled anonymous pages, which allowed local users to gain privileges or cause a denial of service (page tainting) via a crafted application that triggers writing to page zero (bnc#979021). - CVE-2015-8970: crypto/algif_skcipher.c in the Linux kernel did not verify that a setkey operation has been performed on an AF_ALG socket before an accept system call is processed, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted application that did not supply a key, related to the lrw_crypt function in crypto/lrw.c (bnc#1008374 bsc#1008850). - CVE-2016-10200: Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c (bnc#1028415). - CVE-2016-2188: The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970956). - CVE-2016-4997: The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement (bnc#986362). - CVE-2016-4998: The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted offset value that leads to crossing a ruleset blob boundary (bnc#986365). - CVE-2016-5243: The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel did not properly copy a certain string, which allowed local users to obtain sensitive information from kernel stack memory by reading a Netlink message (bnc#983212). - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bnc#1003077). - CVE-2017-1000363: A buffer overflow in kernel commandline handling of the 'lp' parameter could be used to bypass certain secure boot settings. (bnc#1039456). - CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be 'jumped' over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010) (bnc#1039348). - CVE-2017-1000365: The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but did not take the argument and environment pointers into account, which allowed attackers to bypass this limitation (bnc#1039354). - CVE-2017-1000380: sound/core/timer.c in the Linux kernel is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time (bnc#1044125). - CVE-2017-11176: The mq_notify function in the Linux kernel did not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allowed attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact (bnc#1048275). - CVE-2017-11473: Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel allowed local users to gain privileges via a crafted ACPI table (bsc#1049603). - CVE-2017-2636: Race condition in drivers/tty/n_hdlc.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline (bnc#1027565 bsc#1028372). - CVE-2017-2647: The KEYS subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c (bnc#1030593). - CVE-2017-2671: The ping_unhash function in net/ipv4/ping.c in the Linux kernel is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allowed local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call (bnc#1031003). - CVE-2017-5669: The do_shmat function in ipc/shm.c in the Linux kernel did not restrict the address calculated by a certain rounding operation, which allowed local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context (bnc#1026914). - CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bnc#1024938). - CVE-2017-5986: Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel allowed local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state (bnc#1025235). - CVE-2017-6074: The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandled DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allowed local users to obtain root privileges or cause a denial of service (double free) via an application that made an IPV6_RECVPKTINFO setsockopt system call (bnc#1026024 bsc#1033287). - CVE-2017-6214: The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel allowed remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag (bnc#1026722). - CVE-2017-6348: The hashbin_delete function in net/irda/irqueue.c in the Linux kernel improperly manages lock dropping, which allowed local users to cause a denial of service (deadlock) via crafted operations on IrDA devices (bnc#1027178). - CVE-2017-6353: net/sctp/socket.c in the Linux kernel did not properly restrict association peel-off operations during certain wait states, which allowed local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986 (bnc#1027066). - CVE-2017-6951: The keyring_search_aux function in security/keys/keyring.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the 'dead' type (bnc#1029850). - CVE-2017-7184: The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel did not validate certain size data after an XFRM_MSG_NEWAE update, which allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52 (bnc#1030573). - CVE-2017-7187: The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel allowed local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function (bnc#1030213). - CVE-2017-7261: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not check for a zero value of certain levels data, which allowed local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031052). - CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031440). - CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls (bnc#1031579). - CVE-2017-7482: Fixed a potential overflow in the net/rxprc where a padded len isn't checked in ticket decode (bsc#1046107). - CVE-2017-7487: The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel mishandled reference counts, which allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface (bnc#1038879). - CVE-2017-7533: Race condition in the fsnotify implementation in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions (bsc#1049483). - CVE-2017-7542: The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel allowed local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket (bsc#1049882). - CVE-2017-7616: Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel allowed local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation (bnc#1033336). - CVE-2017-8890: The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel allowed attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call (bnc#1038544). - CVE-2017-8924: The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel allowed local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow (bnc#1037182 bsc#1038982). - CVE-2017-8925: The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel allowed local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling (bnc#1037183 bsc#1038981). - CVE-2017-9074: The IPv6 fragmentation implementation in the Linux kernel did not consider that the nexthdr field may be associated with an invalid option, which allowed local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls (bnc#1039882). - CVE-2017-9075: The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1039883). - CVE-2017-9076: The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1039885). - CVE-2017-9077: The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1040069). - CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel is too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bnc#1041431). The following non-security bugs were fixed: - 8250: use callbacks to access UART_DLL/UART_DLM. - acpi: Disable APEI error injection if securelevel is set (bsc#972891, bsc#1023051). - af_key: Add lock to key dump (bsc#1047653). - af_key: Fix slab-out-of-bounds in pfkey_compile_policy (bsc#1047354). - alsa: ctxfi: Fallback DMA mask to 32bit (bsc#1045538). - alsa: hda - Fix regression of HD-audio controller fallback modes (bsc#1045538). - alsa: hda/realtek - Correction of fixup codes for PB V7900 laptop (bsc#1045538). - alsa: hda/realtek - Fix COEF widget NID for ALC260 replacer fixup (bsc#1045538). - alsa: hda - using uninitialized data (bsc#1045538). - alsa: off by one bug in snd_riptide_joystick_probe() (bsc#1045538). - alsa: seq: Fix snd_seq_call_port_info_ioctl in compat mode (bsc#1045538). - ath9k: fix buffer overrun for ar9287 (bsc#1045538). - __bitmap_parselist: fix bug in empty string handling (bnc#1042633). - blacklist.conf: Add a few inapplicable items (bsc#1045538). - blacklist.conf: blacklisted 1fe89e1b6d27 (bnc#1046122) - block: do not allow updates through sysfs until registration completes (bsc#1047027). - block: fix ext_dev_lock lockdep report (bsc#1050154). - btrfs: Don't clear SGID when inheriting ACLs (bsc#1030552). - cifs: backport prepath matching fix (bsc#799133). - cifs: don't compare uniqueids in cifs_prime_dcache unless server inode numbers are in use (bsc#1041975). - cifs: small underflow in cnvrtDosUnixTm() (bsc#1043935). - cifs: Timeout on SMBNegotiate request (bsc#1044913). - clocksource: Remove 'weak' from clocksource_default_clock() declaration (bnc#1013018). - cputime: Avoid multiplication overflow on utime scaling (bnc#938352). - crypto: nx - off by one bug in nx_of_update_msc() (fate#314588,bnc#792863). - decompress_bunzip2: off by one in get_next_block() (git-fixes). - devres: fix a for loop bounds check (git-fixes). - dlm: backport 'fix lvb invalidation conditions' (bsc#1005651). - dm: fix ioctl retry termination with signal (bsc#1050154). - drm/mgag200: Add support for G200eH3 (bnc#1044216, fate#323551) - drm/mgag200: Add support for G200e rev 4 (bnc#995542, comment #81) - edac, amd64_edac: Shift wrapping issue in f1x_get_norm_dct_addr() (fate#313937). - enic: set skb->hash type properly (bsc#911105 FATE#317501). - ext2: Don't clear SGID when inheriting ACLs (bsc#1030552). - ext3: Don't clear SGID when inheriting ACLs (bsc#1030552). - ext4: Don't clear SGID when inheriting ACLs (bsc#1030552). - ext4: fix fdatasync(2) after extent manipulation operations (bsc#1013018). - ext4: fix mballoc breakage with 64k block size (bsc#1013018). - ext4: fix stack memory corruption with 64k block size (bsc#1013018). - ext4: keep existing extra fields when inode expands (bsc#1013018). - ext4: reject inodes with negative size (bsc#1013018). - fbdev/efifb: Fix 16 color palette entry calculation (bsc#1041762). - firmware: fix directory creation rule matching with make 3.80 (bsc#1012422). - firmware: fix directory creation rule matching with make 3.82 (bsc#1012422). - fixed invalid assignment of 64bit mask to host dma_boundary for scatter gather segment boundary limit (bsc#1042045). - Fix soft lockup in svc_rdma_send (bsc#1044854). - fnic: Return 'DID_IMM_RETRY' if rport is not ready (bsc#1035920). - fnic: Using rport->dd_data to check rport online instead of rport_lookup (bsc#1035920). - fs/block_dev: always invalidate cleancache in invalidate_bdev() (git-fixes). - fs: fix data invalidation in the cleancache during direct IO (git-fixes). - fs/xattr.c: zero out memory copied to userspace in getxattr (bsc#1013018). - fuse: add missing FR_FORCE (bsc#1013018). - fuse: initialize fc->release before calling it (bsc#1013018). - genirq: Prevent proc race against freeing of irq descriptors (bnc#1044230). - hrtimer: Allow concurrent hrtimer_start() for self restarting timers (bnc#1013018). - i40e: avoid null pointer dereference (bsc#909486 FATE#317393). - i40e: Fix TSO with more than 8 frags per segment issue (bsc#985561). - i40e/i40evf: Break up xmit_descriptor_count from maybe_stop_tx (bsc#985561). - i40e/i40evf: Fix mixed size frags and linearization (bsc#985561). - i40e/i40evf: Limit TSO to 7 descriptors for payload instead of 8 per packet (bsc#985561). - i40e/i40evf: Rewrite logic for 8 descriptor per packet check (bsc#985561). - i40e: Impose a lower limit on gso size (bsc#985561). - i40e: Limit TX descriptor count in cases where frag size is greater than 16K (bsc#985561). - ib/mlx4: Demote mcg message from warning to debug (bsc#919382). - ib/mlx4: Fix ib device initialization error flow (bsc#919382). - ib/mlx4: Fix port query for 56Gb Ethernet links (bsc#919382). - ib/mlx4: Handle well-known-gid in mad_demux processing (bsc#919382). - ib/mlx4: Reduce SRIOV multicast cleanup warning message to debug level (bsc#919382). - ib/mlx4: Set traffic class in AH (bsc#919382). - Implement an ioctl to support the USMTMC-USB488 READ_STATUS_BYTE operation (bsc#1036288). - initial cr0 bits (bnc#1036056, LTC#153612). - input: cm109 - validate number of endpoints before using them (bsc#1037193). - input: hanwang - validate number of endpoints before using them (bsc#1037232). - input: yealink - validate number of endpoints before using them (bsc#1037227). - ipmr, ip6mr: fix scheduling while atomic and a deadlock with ipmr_get_route (git-fixes). - irq: Fix race condition (bsc#1042615). - isdn/gigaset: fix NULL-deref at probe (bsc#1037356). - isofs: Do not return EACCES for unknown filesystems (bsc#1013018). - jbd: do not wait (forever) for stale tid caused by wraparound (bsc#1020229). - jbd: Fix oops in journal_remove_journal_head() (bsc#1017143). - jsm: add support for additional Neo cards (bsc#1045615). - kabi fix (bsc#1008893). - kABI: mask struct xfs_icdinode change (bsc#1024788). - kabi: Protect xfs_mount and xfs_buftarg (bsc#1024508). - kabi:severeties: Add splice_write_to_file PASS This function is part of an xfs-specific fix which never went upstream and is not expected to have 3rdparty users other than xfs itself. - kernel-binary.spec: Propagate MAKE_ARGS to %build (bsc#1012422) - keys: Disallow keyrings beginning with '.' to be joined as session keyrings (bnc#1035576). - kvm: kvm_io_bus_unregister_dev() should never fail. - libata: fix sff host state machine locking while polling (bsc#1045525). - libceph: NULL deref on crush_decode() error path (bsc#1044015). - libceph: potential NULL dereference in ceph_msg_data_create() (bsc#1051515). - libfc: fixup locking in fc_disc_stop() (bsc#1029140). - libfc: move 'pending' and 'requested' setting (bsc#1029140). - libfc: only restart discovery after timeout if not already running (bsc#1029140). - lockd: use init_utsname for id encoding (bsc#1033804). - lockd: use rpc client's cl_nodename for id encoding (bsc#1033804). - locking/rtmutex: Prevent dequeue vs. unlock race (bnc#1013018). - math64: New div64_u64_rem helper (bnc#938352). - md: ensure md devices are freed before module is unloaded (git-fixes). - md: fix a null dereference (bsc#1040351). - md: flush ->event_work before stopping array (git-fixes). - md linear: fix a race between linear_add() and linear_congested() (bsc#1018446). - md/linear: shutup lockdep warnning (bsc#1018446). - md: make sure GET_ARRAY_INFO ioctl reports correct 'clean' status (git-fixes). - md/raid0: apply base queue limits *before* disk_stack_limits (git-fixes). - md/raid1: extend spinlock to protect raid1_end_read_request against inconsistencies (git-fixes). - md/raid1: fix test for 'was read error from last working device' (git-fixes). - md/raid5: do not record new size if resize_stripes fails (git-fixes). - md/raid5: Fix CPU hotplug callback registration (git-fixes). - md: use separate bio_pool for metadata writes (bsc#1040351). - megaraid_sas: add missing curly braces in ioctl handler (bsc#1050154). - mlx4: reduce OOM risk on arches with large pages (bsc#919382). - mmc: core: add missing pm event in mmc_pm_notify to fix hib restore (bsc#1045547). - mmc: ushc: fix NULL-deref at probe (bsc#1037191). - mm: do not collapse stack gap into THP (bnc#1039348) - mm: enlarge stack guard gap (bnc#1039348). - mm/huge_memory: replace VM_NO_THP VM_BUG_ON with actual VMA check (VM Functionality, bsc#1042832). - mm: hugetlb: call huge_pte_alloc() only if ptep is null (VM Functionality, bsc#1042832). - mm/memory-failure.c: use compound_head() flags for huge pages (bnc#971975 VM -- git fixes). - mm/mempolicy.c: do not put mempolicy before using its nodemask (References: VM Performance, bnc#931620). - mm, mmap: do not blow on PROT_NONE MAP_FIXED holes in the stack (bnc#1039348, bnc#1045340, bnc#1045406). - module: fix memory leak on early load_module() failures (bsc#1043014). - Move nr_cpus_allowed into a hole in struct_sched_entity instead of the one below task_struct.policy. RT fills the hole 29baa7478ba4 used, which will screw up kABI for RT instead of curing the space needed problem in sched_rt_entity caused by adding ff77e4685359. This leaves nr_cpus_alowed in an odd spot, but safely allows the RT entity specific data added by ff77e4685359 to reside where it belongs.. nr_cpus_allowed just moves from one odd spot to another. - mwifiex: printk() overflow with 32-byte SSIDs (bsc#1048185). - net: avoid reference counter overflows on fib_rules in multicast forwarding (git-fixes). - net: ip6mr: fix static mfc/dev leaks on table destruction (git-fixes). - net: ipmr: fix static mfc/dev leaks on table destruction (git-fixes). - net/mlx4_core: Eliminate warning messages for SRQ_LIMIT under SRIOV (bsc#919382). - net/mlx4_core: Enhance the MAD_IFC wrapper to convert VF port to physical (bsc#919382). - net/mlx4_core: Fix VF overwrite of module param which disables DMFS on new probed PFs (bsc#919382). - net/mlx4_core: Fix when to save some qp context flags for dynamic VST to VGT transitions (bsc#919382). - net/mlx4_core: Get num_tc using netdev_get_num_tc (bsc#919382). - net/mlx4_core: Prevent VF from changing port configuration (bsc#919382). - net/mlx4_core: Use-after-free causes a resource leak in flow-steering detach (bsc#919382). - net/mlx4_core: Use cq quota in SRIOV when creating completion EQs (bsc#919382). - net/mlx4_en: Avoid adding steering rules with invalid ring (bsc#919382). - net/mlx4_en: Change the error print to debug print (bsc#919382). - net/mlx4_en: fix overflow in mlx4_en_init_timestamp() (bsc#919382). - net/mlx4_en: Fix type mismatch for 32-bit systems (bsc#919382). - net/mlx4_en: Resolve dividing by zero in 32-bit system (bsc#919382). - net/mlx4_en: Wake TX queues only when there's enough room (bsc#1039258). - net/mlx4: Fix the check in attaching steering rules (bsc#919382). - net/mlx4: Fix uninitialized fields in rule when adding promiscuous mode to device managed flow steering (bsc#919382). - net: wimax/i2400m: fix NULL-deref at probe (bsc#1037358). - netxen_nic: set rcode to the return status from the call to netxen_issue_cmd (bnc#784815 FATE#313898). - nfs: Avoid getting confused by confused server (bsc#1045416). - nfsd4: minor NFSv2/v3 write decoding cleanup (bsc#1034670). - nfsd: check for oversized NFSv2/v3 arguments (bsc#1034670). - nfsd: do not risk using duplicate owner/file/delegation ids (bsc#1029212). - nfsd: Don't use state id of 0 - it is reserved (bsc#1049688 bsc#1051770). - nfsd: stricter decoding of write-like NFSv2/v3 ops (bsc#1034670). - nfs: Fix another OPEN_DOWNGRADE bug (git-next). - nfs: fix nfs_size_to_loff_t (git-fixes). - nfs: Fix size of NFSACL SETACL operations (git-fixes). - nfs: Make nfs_readdir revalidate less often (bsc#1048232). - nfs: tidy up nfs_show_mountd_netid (git-fixes). - nfsv4: Do not call put_rpccred() under the rcu_read_lock() (git-fixes). - nfsv4: Fix another bug in the close/open_downgrade code (git-fixes). - nfsv4: fix getacl head length estimation (git-fixes). - nfsv4: Fix problems with close in the presence of a delegation (git-fixes). - nfsv4: Fix the underestimation of delegation XDR space reservation (git-fixes). - ocfs2: do not write error flag to user structure we cannot copy from/to (bsc#1013018). - ocfs2: Don't clear SGID when inheriting ACLs (bsc#1030552). - ocfs2: fix crash caused by stale lvb with fsdlm plugin (bsc#1013800). - ocfs2: fix error return code in ocfs2_info_handle_freefrag() (bsc#1013018). - ocfs2: NFS hangs in __ocfs2_cluster_lock due to race with ocfs2_unblock_lock (bsc#962257). - ocfs2: null deref on allocation error (bsc#1013018). - pci: Allow access to VPD attributes with size 0 (bsc#1018074). - pciback: only check PF if actually dealing with a VF (bsc#999245). - pciback: use pci_physfn() (bsc#999245). - pci: Fix devfn for VPD access through function 0 (bnc#943786 git-fixes). - perf/core: Correct event creation with PERF_FORMAT_GROUP (bnc#1013018). - perf/core: Fix event inheritance on fork() (bnc#1013018). - posix-timers: Fix stack info leak in timer_create() (bnc#1013018). - powerpc,cpuidle: Dont toggle CPUIDLE_FLAG_IGNORE while setting smt_snooze_delay (bsc#1023163). - powerpc: Drop support for pre-POWER4 cpus (fate#322495, bsc#1032471). - powerpc/fadump: Fix the race in crash_fadump() (bsc#1022971). - powerpc/fadump: Reserve memory at an offset closer to bottom of RAM (bsc#1032141). - powerpc/fadump: Update fadump documentation (bsc#1032141). - powerpc/mm: Do not alias user region to other regions below PAGE_OFFSET (bsc#928138,fate#319026). - powerpc/mm/hash: Check for non-kernel address in get_kernel_vsid() (fate#322495, bsc#1032471). - powerpc/mm/hash: Convert mask to unsigned long (fate#322495, bsc#1032471). - powerpc/mm/hash: Increase VA range to 128TB (fate#322495, bsc#1032471). - powerpc/mm/hash: Properly mask the ESID bits when building proto VSID (fate#322495, bsc#1032471). - powerpc/mm/hash: Support 68 bit VA (fate#322495, bsc#1032471). - powerpc/mm/hash: Use context ids 1-4 for the kernel (fate#322495, bsc#1032471). - powerpc/mm: Remove checks that TASK_SIZE_USER64 is too small (fate#322495, bsc#1032471). - powerpc/mm/slice: Convert slice_mask high slice to a bitmap (fate#322495, bsc#1032471). - powerpc/mm/slice: Fix off-by-1 error when computing slice mask (fate#322495, bsc#1032471). - powerpc/mm/slice: Move slice_mask struct definition to slice.c (fate#322495, bsc#1032471). - powerpc/mm/slice: Update slice mask printing to use bitmap printing (fate#322495, bsc#1032471). - powerpc/mm/slice: Update the function prototype (fate#322495, bsc#1032471). - powerpc/mm: use macro PGTABLE_EADDR_SIZE instead of digital (fate#322495, bsc#1032471). - powerpc/nvram: Fix an incorrect partition merge (bsc#1016489). - powerpc/pseries: Release DRC when configure_connector fails (bsc#1035777, Pending Base Kernel Fixes). - powerpc: Remove STAB code (fate#322495, bsc#1032471). - powerpc/vdso64: Use double word compare on pointers (bsc#1016489). - raid1: avoid unnecessary spin locks in I/O barrier code (bsc#982783,bsc#1026260). - random32: fix off-by-one in seeding requirement (git-fixes). - rcu: Call out dangers of expedited RCU primitives (bsc#1008893). - rcu: Direct algorithmic SRCU implementation (bsc#1008893). - rcu: Flip ->completed only once per SRCU grace period (bsc#1008893). - rcu: Implement a variant of Peter's SRCU algorithm (bsc#1008893). - rcu: Increment upper bit only for srcu_read_lock() (bsc#1008893). - rcu: Remove fast check path from __synchronize_srcu() (bsc#1008893). - reiserfs: Don't clear SGID when inheriting ACLs (bsc#1030552). - reiserfs: don't preallocate blocks for extended attributes (bsc#990682). - Remove patches causing regression (bsc#1043234) - Remove superfluous make flags (bsc#1012422) - Return short read or 0 at end of a raw device, not EIO (bsc#1039594). - Revert 'kabi:severeties: Add splice_write_to_file PASS' This reverts commit 05ecf7ab16b2ea555fadd1ce17d8177394de88f2. - Revert 'math64: New div64_u64_rem helper' (bnc#938352). - Revert 'xfs: fix up xfs_swap_extent_forks inline extent handling (bsc#1023888).' I was baing my assumption of SLE11-SP4 needing this patch on an old kernel build (3.0.101-63). Re-testing with the latest one 3.0.101-94 shows that the issue is not present. Furthermore this one was causing some crashes. This reverts commit 16ceeac70f7286b6232861c3170ed32e39dcc68c. - rfkill: fix rfkill_fop_read wait_event usage (bsc#1046192). - s390/kmsg: add missing kmsg descriptions (bnc#1025702, LTC#151573). - s390/qdio: clear DSCI prior to scanning multiple input queues (bnc#1046715, LTC#156234). - s390/qeth: no ETH header for outbound AF_IUCV (bnc#1046715, LTC#156276). - s390/qeth: size calculation outbound buffers (bnc#1046715, LTC#156276). - s390/vmlogrdr: fix IUCV buffer allocation (bnc#1025702, LTC#152144). - s390/zcrypt: Introduce CEX6 toleration (FATE#321782, LTC#147505). - sched: Always initialize cpu-power (bnc#1013018). - sched: Avoid cputime scaling overflow (bnc#938352). - sched: Avoid prev->stime underflow (bnc#938352). - sched/core: Fix TASK_DEAD race in finish_task_switch() (bnc#1013018). - sched/core: Remove false-positive warning from wake_up_process() (bnc#1044882). - sched/cputime: Do not scale when utime == 0 (bnc#938352). - sched/debug: Print the scheduler topology group mask (bnc#1013018). - sched: Do not account bogus utime (bnc#938352). - sched/fair, cpumask: Export for_each_cpu_wrap() (bnc#1013018). - sched/fair: Fix min_vruntime tracking (bnc#1013018). - sched: Fix domain iteration (bnc#1013018). - sched: Fix SD_OVERLAP (bnc#1013018). - sched/loadavg: Fix loadavg artifacts on fully idle and on fully loaded systems (bnc#1013018). - sched: Lower chances of cputime scaling overflow (bnc#938352). - sched: Move nr_cpus_allowed out of 'struct sched_rt_entity' (bnc#1013018). Prep for b60205c7c558 sched/fair: Fix min_vruntime tracking - sched: Rename a misleading variable in build_overlap_sched_groups() (bnc#1013018). - sched/rt: Fix PI handling vs. sched_setscheduler() (bnc#1013018). Prep for b60205c7c558 sched/fair: Fix min_vruntime tracking - sched/topology: Fix building of overlapping sched-groups (bnc#1013018). - sched/topology: Fix overlapping sched_group_capacity (bnc#1013018). - sched/topology: Fix overlapping sched_group_mask (bnc#1013018). - sched/topology: Move comment about asymmetric node setups (bnc#1013018). - sched/topology: Optimize build_group_mask() (bnc#1013018). - sched/topology: Refactor function build_overlap_sched_groups() (bnc#1013018). - sched/topology: Remove FORCE_SD_OVERLAP (bnc#1013018). - sched/topology: Simplify build_overlap_sched_groups() (bnc#1013018). - sched/topology: Verify the first group matches the child domain (bnc#1013018). - sched: Use swap() macro in scale_stime() (bnc#938352). - scsi: bnx2i: missing error code in bnx2i_ep_connect() (bsc#1048221). - scsi: fix race between simultaneous decrements of ->host_failed (bsc#1050154). - scsi: fnic: Correcting rport check location in fnic_queuecommand_lck (bsc#1035920). - scsi: mvsas: fix command_active typo (bsc#1050154). - scsi: qla2xxx: Fix scsi scan hang triggered if adapter fails during init (bsc#1050154). - scsi: virtio_scsi: fix memory leak on full queue condition (bsc#1028880). - scsi: zfcp: do not trace pure benign residual HBA responses at default level (bnc#1025702, LTC#151317). - scsi: zfcp: fix rport unblock race with LUN recovery (bnc#1025702, LTC#151319). - scsi: zfcp: fix use-after-free by not tracing WKA port open/close on failed send (bnc#1025702, LTC#151365). - scsi: zfcp: fix use-after-'free' in FC ingress path after TMF (bnc#1025702, LTC#151312). - sfc: do not device_attach if a reset is pending (bsc#909618 FATE#317521). - sfc: reduce severity of PIO buffer alloc failures (bsc#1019168). - smsc75xx: use skb_cow_head() to deal with cloned skbs (bsc#1045154). - splice: Stub splice_write_to_file (bsc#1043234). - sunrpc: Clean up the slot table allocation (bsc#1013862). - sunrpc: Fix a memory leak in the backchannel code (git-fixes). - sunrpc: Initalise the struct xprt upon allocation (bsc#1013862). - svcrdma: Fix send_reply() scatter/gather set-up (git-fixes). - target/iscsi: Fix double free in lio_target_tiqn_addtpg() (bsc#1050154). - tcp: abort orphan sockets stalling on zero window probes (bsc#1021913). - tracing: Fix syscall_*regfunc() vs copy_process() race (bnc#1042687). - tracing/kprobes: Enforce kprobes teardown after testing (bnc#1013018). - udf: Fix deadlock between writeback and udf_setsize() (bsc#1013018). - udf: Fix races with i_size changes during readpage (bsc#1013018). - Update metadata for serial fixes (bsc#1013070) - Update patches.fixes/nfs-svc-rdma.fix (bsc#1044854). - usb: cdc-acm: fix broken runtime suspend (bsc#1033771). - usb: cdc-acm: fix open and suspend race (bsc#1033771). - usb: cdc-acm: fix potential urb leak and PM imbalance in write (bsc#1033771). - usb: cdc-acm: fix runtime PM for control messages (bsc#1033771). - usb: cdc-acm: fix runtime PM imbalance at shutdown (bsc#1033771). - usb: cdc-acm: fix shutdown and suspend race (bsc#1033771). - usb: cdc-acm: fix write and resume race (bsc#1033771). - usb: cdc-acm: fix write and suspend race (bsc#1033771). - usb: class: usbtmc.c: Cleaning up uninitialized variables (bsc#1036288). - usb: class: usbtmc: do not print error when allocating urb fails (bsc#1036288). - usb: class: usbtmc: do not print on ENOMEM (bsc#1036288). - usb: hub: Fix crash after failure to read BOS descriptor (FATE#317453). - usb: iowarrior: fix info ioctl on big-endian hosts (bsc#1037441). - usb: iowarrior: fix NULL-deref in write (bsc#1037359). - usb: r8a66597-hcd: select a different endpoint on timeout (bsc#1047053). - usb: serial: ark3116: fix register-accessor error handling (git-fixes). - usb: serial: ch341: fix open error handling (bsc#1037441). - usb: serial: cp210x: fix tiocmget error handling (bsc#1037441). - usb: serial: ftdi_sio: fix line-status over-reporting (bsc#1037441). - usb: serial: io_edgeport: fix epic-descriptor handling (bsc#1037441). - usb: serial: io_ti: fix information leak in completion handler (git-fixes). - usb: serial: iuu_phoenix: fix NULL-deref at open (bsc#1033794). - usb: serial: kl5kusb105: fix line-state error handling (bsc#1021256). - usb: serial: mos7720: fix NULL-deref at open (bsc#1033816). - usb: serial: mos7720: fix parallel probe (bsc#1033816). - usb: serial: mos7720: fix parport use-after-free on probe errors (bsc#1033816). - usb: serial: mos7720: fix use-after-free on probe errors (bsc#1033816). - usb: serial: mos7840: fix another NULL-deref at open (bsc#1034026). - usb: serial: mos7840: fix NULL-deref at open (bsc#1034026). - usb: serial: oti6858: fix NULL-deref at open (bsc#1037441). - usb: serial: sierra: fix bogus alternate-setting assumption (bsc#1037441). - usb: serial: spcp8x5: fix NULL-deref at open (bsc#1037441). - usbtmc: remove redundant braces (bsc#1036288). - usbtmc: remove trailing spaces (bsc#1036288). - usb: usbip: fix nonconforming hub descriptor (bsc#1047487). - usb: usbtmc: add device quirk for Rigol DS6104 (bsc#1036288). - usb: usbtmc: Add flag rigol_quirk to usbtmc_device_data (bsc#1036288). - usb: usbtmc: add missing endpoint sanity check (bsc#1036288). - usb: usbtmc: Change magic number to constant (bsc#1036288). - usb: usbtmc: fix big-endian probe of Rigol devices (bsc#1036288). - usb: usbtmc: fix DMA on stack (bsc#1036288). - usb: usbtmc: fix probe error path (bsc#1036288). - usb: usbtmc: Set rigol_quirk if device is listed (bsc#1036288). - usb: usbtmc: TMC request code segregated from usbtmc_read (bsc#1036288). - usb: usbtmc: usbtmc_read sends multiple TMC header based on rigol_quirk (bsc#1036288). - usbvision: fix NULL-deref at probe (bsc#1050431). - usb: xhci-mem: use passed in GFP flags instead of GFP_KERNEL (bsc#1023014). - Use make --output-sync feature when available (bsc#1012422). The mesages in make output can interleave making it impossible to extract warnings reliably. Since version 4 GNU Make supports --output-sync flag that prints output of each sub-command atomically preventing this issue. Detect the flag and use it if available. SLE11 has make 3.81 so it is required to include make 4 in the kernel OBS projects to take advantege of this. - Use PF_LESS_THROTTLE in loop device thread (bsc#1027101). - uwb: hwa-rc: fix NULL-deref at probe (bsc#1037233). - uwb: i1480-dfu: fix NULL-deref at probe (bsc#1036629). - vb2: Fix an off by one error in 'vb2_plane_vaddr' (bsc#1050431). - vfs: split generic splice code from i_mutex locking (bsc#1024788). - vmxnet3: avoid calling pskb_may_pull with interrupts disabled (bsc#1045356). - vmxnet3: fix checks for dma mapping errors (bsc#1045356). - vmxnet3: fix lock imbalance in vmxnet3_tq_xmit() (bsc#1045356). - vmxnet3: segCnt can be 1 for LRO packets (bsc#988065, bsc#1029770). - x86, mm, paravirt: Fix vmalloc_fault oops during lazy MMU updates (bsc#948562). - x86/pci-calgary: Fix iommu_free() comparison of unsigned expression >= 0 (bsc#1051478). - xen: avoid deadlock in xenbus (bnc#1047523). - xen-blkfront: correct maximum segment accounting (bsc#1018263). - xen-blkfront: do not call talk_to_blkback when already connected to blkback. - xen-blkfront: free resources if xlvbd_alloc_gendisk fails. - xen/PCI-MSI: fix sysfs teardown in DomU (bsc#986924). - xfrm: dst_entries_init() per-net dst_ops (bsc#1030814). - xfrm: NULL dereference on allocation failure (bsc#1047343). - xfrm: Oops on error in pfkey_msg2xfrm_state() (bsc#1047653). - xfs_dmapi: fix the debug compilation of xfs_dmapi (bsc#989056). - xfs: do not assert fail on non-async buffers on ioacct decrement (bsc#1024508). - xfs: exclude never-released buffers from buftarg I/O accounting (bsc#1024508). - xfs: fix buffer overflow dm_get_dirattrs/dm_get_dirattrs2 (bsc#989056). - xfs: Fix lock ordering in splice write (bsc#1024788). - xfs: fix up xfs_swap_extent_forks inline extent handling (bsc#1023888). - xfs: kill xfs_itruncate_start (bsc#1024788). - xfs: Make xfs_icdinode->di_dmstate atomic_t (bsc#1024788). - xfs: remove the i_new_size field in struct xfs_inode (bsc#1024788). - xfs: remove the i_size field in struct xfs_inode (bsc#1024788). - xfs: remove xfs_itruncate_data (bsc#1024788). - xfs: replace global xfslogd wq with per-mount wq (bsc#1024508). - xfs: split xfs_itruncate_finish (bsc#1024788). - xfs: split xfs_setattr (bsc#1024788). - xfs: Synchronize xfs_buf disposal routines (bsc#1041160). - xfs: track and serialize in-flight async buffers against unmount (bsc#1024508). - xfs: use ->b_state to fix buffer I/O accounting release race (bsc#1041160). - xprtrdma: Free the pd if ib_query_qp() fails (git-fixes).

Patchnames

slertesp4-kernel-rt-13262

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         namespace: "https://www.suse.com/support/security/rating/",
         text: "important",
      },
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Copyright 2024 SUSE LLC. All rights reserved.",
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "en",
      notes: [
         {
            category: "summary",
            text: "Security update for the Linux Kernel",
            title: "Title of the patch",
         },
         {
            category: "description",
            text: "\n\nThe SUSE Linux Enterprise 11 SP4 RT kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2014-9922: The eCryptfs subsystem in the Linux kernel allowed local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c (bsc#1032340).\n- CVE-2015-3288: mm/memory.c in the Linux kernel mishandled anonymous pages, which allowed local users to gain privileges or cause a denial of service (page tainting) via a crafted application that triggers writing to page zero (bnc#979021).\n- CVE-2015-8970: crypto/algif_skcipher.c in the Linux kernel did not verify that a setkey operation has been performed on an AF_ALG socket before an accept system call is processed, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted application that did not supply a key, related to the lrw_crypt function in crypto/lrw.c (bnc#1008374 bsc#1008850).\n- CVE-2016-10200: Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c (bnc#1028415).\n- CVE-2016-2188: The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970956).\n- CVE-2016-4997: The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement (bnc#986362).\n- CVE-2016-4998: The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted offset value that leads to crossing a ruleset blob boundary (bnc#986365).\n- CVE-2016-5243: The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel did not properly copy a certain string, which allowed local users to obtain sensitive information from kernel stack memory by reading a Netlink message (bnc#983212).\n- CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bnc#1003077).\n- CVE-2017-1000363: A buffer overflow in kernel commandline handling of the 'lp' parameter could be used to bypass certain secure boot settings. (bnc#1039456).\n- CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be 'jumped' over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010) (bnc#1039348).\n- CVE-2017-1000365: The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but did not take the argument and environment pointers into account, which allowed attackers to bypass this limitation (bnc#1039354).\n- CVE-2017-1000380: sound/core/timer.c in the Linux kernel is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time (bnc#1044125).\n- CVE-2017-11176: The mq_notify function in the Linux kernel did not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allowed attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact (bnc#1048275).\n- CVE-2017-11473: Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel allowed local users to gain privileges via a crafted ACPI table (bsc#1049603).\n- CVE-2017-2636: Race condition in drivers/tty/n_hdlc.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline (bnc#1027565 bsc#1028372).\n- CVE-2017-2647: The KEYS subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c (bnc#1030593).\n- CVE-2017-2671: The ping_unhash function in net/ipv4/ping.c in the Linux kernel is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allowed local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call (bnc#1031003).\n- CVE-2017-5669: The do_shmat function in ipc/shm.c in the Linux kernel did not restrict the address calculated by a certain rounding operation, which allowed local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context (bnc#1026914).\n- CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bnc#1024938).\n- CVE-2017-5986: Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel allowed local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state (bnc#1025235).\n- CVE-2017-6074: The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandled DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allowed local users to obtain root privileges or cause a denial of service (double free) via an application that made an IPV6_RECVPKTINFO setsockopt system call (bnc#1026024 bsc#1033287).\n- CVE-2017-6214: The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel allowed remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag (bnc#1026722).\n- CVE-2017-6348: The hashbin_delete function in net/irda/irqueue.c in the Linux kernel improperly manages lock dropping, which allowed local users to cause a denial of service (deadlock) via crafted operations on IrDA devices (bnc#1027178).\n- CVE-2017-6353: net/sctp/socket.c in the Linux kernel did not properly restrict association peel-off operations during certain wait states, which allowed local users to cause a denial of service (invalid unlock and double free) via a multithreaded application.  NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986 (bnc#1027066).\n- CVE-2017-6951: The keyring_search_aux function in security/keys/keyring.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the 'dead' type (bnc#1029850).\n- CVE-2017-7184: The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel did not validate certain size data after an XFRM_MSG_NEWAE update, which allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52 (bnc#1030573).\n- CVE-2017-7187: The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel allowed local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function (bnc#1030213).\n- CVE-2017-7261: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not check for a zero value of certain levels data, which allowed local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031052).\n- CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031440).\n- CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls (bnc#1031579).\n- CVE-2017-7482: Fixed a potential overflow in the net/rxprc where a padded len isn't checked in ticket decode (bsc#1046107).\n- CVE-2017-7487: The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel mishandled reference counts, which allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface (bnc#1038879).\n- CVE-2017-7533: Race condition in the fsnotify implementation in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions (bsc#1049483).\n- CVE-2017-7542: The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel allowed local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket (bsc#1049882).\n- CVE-2017-7616: Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel allowed local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation (bnc#1033336).\n- CVE-2017-8890: The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel allowed attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call (bnc#1038544).\n- CVE-2017-8924: The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel allowed local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow (bnc#1037182 bsc#1038982).\n- CVE-2017-8925: The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel allowed local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling (bnc#1037183 bsc#1038981).\n- CVE-2017-9074: The IPv6 fragmentation implementation in the Linux kernel did not consider that the nexthdr field may be associated with an invalid option, which allowed local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls (bnc#1039882).\n- CVE-2017-9075: The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1039883).\n- CVE-2017-9076: The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1039885).\n- CVE-2017-9077: The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1040069).\n- CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel is too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bnc#1041431).\n\nThe following non-security bugs were fixed:\n\n- 8250: use callbacks to access UART_DLL/UART_DLM.\n- acpi: Disable APEI error injection if securelevel is set (bsc#972891, bsc#1023051).\n- af_key: Add lock to key dump (bsc#1047653).\n- af_key: Fix slab-out-of-bounds in pfkey_compile_policy (bsc#1047354).\n- alsa: ctxfi: Fallback DMA mask to 32bit (bsc#1045538).\n- alsa: hda - Fix regression of HD-audio controller fallback modes (bsc#1045538).\n- alsa: hda/realtek - Correction of fixup codes for PB V7900 laptop (bsc#1045538).\n- alsa: hda/realtek - Fix COEF widget NID for ALC260 replacer fixup (bsc#1045538).\n- alsa: hda - using uninitialized data (bsc#1045538).\n- alsa: off by one bug in snd_riptide_joystick_probe() (bsc#1045538).\n- alsa: seq: Fix snd_seq_call_port_info_ioctl in compat mode (bsc#1045538).\n- ath9k: fix buffer overrun for ar9287 (bsc#1045538).\n- __bitmap_parselist: fix bug in empty string handling (bnc#1042633).\n- blacklist.conf: Add a few inapplicable items (bsc#1045538).\n- blacklist.conf: blacklisted 1fe89e1b6d27 (bnc#1046122)\n- block: do not allow updates through sysfs until registration completes (bsc#1047027).\n- block: fix ext_dev_lock lockdep report (bsc#1050154).\n- btrfs: Don't clear SGID when inheriting ACLs (bsc#1030552).\n- cifs: backport prepath matching fix (bsc#799133).\n- cifs: don't compare uniqueids in cifs_prime_dcache unless server inode numbers are in use (bsc#1041975).\n- cifs: small underflow in cnvrtDosUnixTm() (bsc#1043935).\n- cifs: Timeout on SMBNegotiate request (bsc#1044913).\n- clocksource: Remove 'weak' from clocksource_default_clock() declaration (bnc#1013018).\n- cputime: Avoid multiplication overflow on utime scaling (bnc#938352).\n- crypto: nx - off by one bug in nx_of_update_msc() (fate#314588,bnc#792863).\n- decompress_bunzip2: off by one in get_next_block() (git-fixes).\n- devres: fix a for loop bounds check (git-fixes).\n- dlm: backport 'fix lvb invalidation conditions' (bsc#1005651).\n- dm: fix ioctl retry termination with signal (bsc#1050154).\n- drm/mgag200: Add support for G200eH3 (bnc#1044216, fate#323551)\n- drm/mgag200: Add support for G200e rev 4 (bnc#995542, comment #81)\n- edac, amd64_edac: Shift wrapping issue in f1x_get_norm_dct_addr() (fate#313937).\n- enic: set skb->hash type properly (bsc#911105 FATE#317501).\n- ext2: Don't clear SGID when inheriting ACLs (bsc#1030552).\n- ext3: Don't clear SGID when inheriting ACLs (bsc#1030552).\n- ext4: Don't clear SGID when inheriting ACLs (bsc#1030552).\n- ext4: fix fdatasync(2) after extent manipulation operations (bsc#1013018).\n- ext4: fix mballoc breakage with 64k block size (bsc#1013018).\n- ext4: fix stack memory corruption with 64k block size (bsc#1013018).\n- ext4: keep existing extra fields when inode expands (bsc#1013018).\n- ext4: reject inodes with negative size (bsc#1013018).\n- fbdev/efifb: Fix 16 color palette entry calculation (bsc#1041762).\n- firmware: fix directory creation rule matching with make 3.80 (bsc#1012422).\n- firmware: fix directory creation rule matching with make 3.82 (bsc#1012422).\n- fixed invalid assignment of 64bit mask to host dma_boundary for scatter gather segment boundary limit (bsc#1042045).\n- Fix soft lockup in svc_rdma_send (bsc#1044854).\n- fnic: Return 'DID_IMM_RETRY' if rport is not ready (bsc#1035920).\n- fnic: Using rport->dd_data to check rport online instead of rport_lookup (bsc#1035920).\n- fs/block_dev: always invalidate cleancache in invalidate_bdev() (git-fixes).\n- fs: fix data invalidation in the cleancache during direct IO (git-fixes).\n- fs/xattr.c: zero out memory copied to userspace in getxattr (bsc#1013018).\n- fuse: add missing FR_FORCE (bsc#1013018).\n- fuse: initialize fc->release before calling it (bsc#1013018).\n- genirq: Prevent proc race against freeing of irq descriptors (bnc#1044230).\n- hrtimer: Allow concurrent hrtimer_start() for self restarting timers (bnc#1013018).\n- i40e: avoid null pointer dereference (bsc#909486 FATE#317393).\n- i40e: Fix TSO with more than 8 frags per segment issue (bsc#985561).\n- i40e/i40evf: Break up xmit_descriptor_count from maybe_stop_tx (bsc#985561).\n- i40e/i40evf: Fix mixed size frags and linearization (bsc#985561).\n- i40e/i40evf: Limit TSO to 7 descriptors for payload instead of 8 per packet (bsc#985561).\n- i40e/i40evf: Rewrite logic for 8 descriptor per packet check (bsc#985561).\n- i40e: Impose a lower limit on gso size (bsc#985561).\n- i40e: Limit TX descriptor count in cases where frag size is greater than 16K (bsc#985561).\n- ib/mlx4: Demote mcg message from warning to debug (bsc#919382).\n- ib/mlx4: Fix ib device initialization error flow (bsc#919382).\n- ib/mlx4: Fix port query for 56Gb Ethernet links (bsc#919382).\n- ib/mlx4: Handle well-known-gid in mad_demux processing (bsc#919382).\n- ib/mlx4: Reduce SRIOV multicast cleanup warning message to debug level (bsc#919382).\n- ib/mlx4: Set traffic class in AH (bsc#919382).\n- Implement an ioctl to support the USMTMC-USB488 READ_STATUS_BYTE operation (bsc#1036288).\n- initial cr0 bits (bnc#1036056, LTC#153612).\n- input: cm109 - validate number of endpoints before using them (bsc#1037193).\n- input: hanwang - validate number of endpoints before using them (bsc#1037232).\n- input: yealink - validate number of endpoints before using them (bsc#1037227).\n- ipmr, ip6mr: fix scheduling while atomic and a deadlock with ipmr_get_route (git-fixes).\n- irq: Fix race condition (bsc#1042615).\n- isdn/gigaset: fix NULL-deref at probe (bsc#1037356).\n- isofs: Do not return EACCES for unknown filesystems (bsc#1013018).\n- jbd: do not wait (forever) for stale tid caused by wraparound (bsc#1020229).\n- jbd: Fix oops in journal_remove_journal_head() (bsc#1017143).\n- jsm: add support for additional Neo cards (bsc#1045615).\n- kabi fix (bsc#1008893).\n- kABI: mask struct xfs_icdinode change (bsc#1024788).\n- kabi: Protect xfs_mount and xfs_buftarg (bsc#1024508).\n- kabi:severeties: Add splice_write_to_file PASS This function is part of an xfs-specific fix which never went upstream and is not expected to have 3rdparty users other than xfs itself.\n- kernel-binary.spec: Propagate MAKE_ARGS to %build (bsc#1012422)\n- keys: Disallow keyrings beginning with '.' to be joined as session keyrings (bnc#1035576).\n- kvm: kvm_io_bus_unregister_dev() should never fail.\n- libata: fix sff host state machine locking while polling (bsc#1045525).\n- libceph: NULL deref on crush_decode() error path (bsc#1044015).\n- libceph: potential NULL dereference in ceph_msg_data_create() (bsc#1051515).\n- libfc: fixup locking in fc_disc_stop() (bsc#1029140).\n- libfc: move 'pending' and 'requested' setting (bsc#1029140).\n- libfc: only restart discovery after timeout if not already running (bsc#1029140).\n- lockd: use init_utsname for id encoding (bsc#1033804).\n- lockd: use rpc client's cl_nodename for id encoding (bsc#1033804).\n- locking/rtmutex: Prevent dequeue vs. unlock race (bnc#1013018).\n- math64: New div64_u64_rem helper (bnc#938352).\n- md: ensure md devices are freed before module is unloaded (git-fixes).\n- md: fix a null dereference (bsc#1040351).\n- md: flush ->event_work before stopping array (git-fixes).\n- md linear: fix a race between linear_add() and linear_congested() (bsc#1018446).\n- md/linear: shutup lockdep warnning (bsc#1018446).\n- md: make sure GET_ARRAY_INFO ioctl reports correct 'clean' status (git-fixes).\n- md/raid0: apply base queue limits *before* disk_stack_limits (git-fixes).\n- md/raid1: extend spinlock to protect raid1_end_read_request against inconsistencies (git-fixes).\n- md/raid1: fix test for 'was read error from last working device' (git-fixes).\n- md/raid5: do not record new size if resize_stripes fails (git-fixes).\n- md/raid5: Fix CPU hotplug callback registration (git-fixes).\n- md: use separate bio_pool for metadata writes (bsc#1040351).\n- megaraid_sas: add missing curly braces in ioctl handler (bsc#1050154).\n- mlx4: reduce OOM risk on arches with large pages (bsc#919382).\n- mmc: core: add missing pm event in mmc_pm_notify to fix hib restore (bsc#1045547).\n- mmc: ushc: fix NULL-deref at probe (bsc#1037191).\n- mm: do not collapse stack gap into THP (bnc#1039348)\n- mm: enlarge stack guard gap (bnc#1039348).\n- mm/huge_memory: replace VM_NO_THP VM_BUG_ON with actual VMA check (VM Functionality, bsc#1042832).\n- mm: hugetlb: call huge_pte_alloc() only if ptep is null (VM Functionality, bsc#1042832).\n- mm/memory-failure.c: use compound_head() flags for huge pages (bnc#971975 VM -- git fixes).\n- mm/mempolicy.c: do not put mempolicy before using its nodemask (References: VM Performance, bnc#931620).\n- mm, mmap: do not blow on PROT_NONE MAP_FIXED holes in the stack (bnc#1039348, bnc#1045340, bnc#1045406).\n- module: fix memory leak on early load_module() failures (bsc#1043014).\n- Move nr_cpus_allowed into a hole in struct_sched_entity instead of the one below task_struct.policy. RT fills the hole 29baa7478ba4 used, which will screw up kABI for RT instead of curing the space needed problem in sched_rt_entity caused by adding ff77e4685359. This leaves nr_cpus_alowed in an odd spot, but safely allows the RT entity specific data added by ff77e4685359 to reside where it belongs.. nr_cpus_allowed just moves from one odd spot to another.\n- mwifiex: printk() overflow with 32-byte SSIDs (bsc#1048185).\n- net: avoid reference counter overflows on fib_rules in multicast forwarding (git-fixes).\n- net: ip6mr: fix static mfc/dev leaks on table destruction (git-fixes).\n- net: ipmr: fix static mfc/dev leaks on table destruction (git-fixes).\n- net/mlx4_core: Eliminate warning messages for SRQ_LIMIT under SRIOV (bsc#919382).\n- net/mlx4_core: Enhance the MAD_IFC wrapper to convert VF port to physical (bsc#919382).\n- net/mlx4_core: Fix VF overwrite of module param which disables DMFS on new probed PFs (bsc#919382).\n- net/mlx4_core: Fix when to save some qp context flags for dynamic VST to VGT transitions (bsc#919382).\n- net/mlx4_core: Get num_tc using netdev_get_num_tc (bsc#919382).\n- net/mlx4_core: Prevent VF from changing port configuration (bsc#919382).\n- net/mlx4_core: Use-after-free causes a resource leak in flow-steering detach (bsc#919382).\n- net/mlx4_core: Use cq quota in SRIOV when creating completion EQs (bsc#919382).\n- net/mlx4_en: Avoid adding steering rules with invalid ring (bsc#919382).\n- net/mlx4_en: Change the error print to debug print (bsc#919382).\n- net/mlx4_en: fix overflow in mlx4_en_init_timestamp() (bsc#919382).\n- net/mlx4_en: Fix type mismatch for 32-bit systems (bsc#919382).\n- net/mlx4_en: Resolve dividing by zero in 32-bit system (bsc#919382).\n- net/mlx4_en: Wake TX queues only when there's enough room (bsc#1039258).\n- net/mlx4: Fix the check in attaching steering rules (bsc#919382).\n- net/mlx4: Fix uninitialized fields in rule when adding promiscuous mode to device managed flow steering (bsc#919382).\n- net: wimax/i2400m: fix NULL-deref at probe (bsc#1037358).\n- netxen_nic: set rcode to the return status from the call to netxen_issue_cmd (bnc#784815 FATE#313898).\n- nfs: Avoid getting confused by confused server (bsc#1045416).\n- nfsd4: minor NFSv2/v3 write decoding cleanup (bsc#1034670).\n- nfsd: check for oversized NFSv2/v3 arguments (bsc#1034670).\n- nfsd: do not risk using duplicate owner/file/delegation ids (bsc#1029212).\n- nfsd: Don't use state id of 0 - it is reserved (bsc#1049688 bsc#1051770).\n- nfsd: stricter decoding of write-like NFSv2/v3 ops (bsc#1034670).\n- nfs: Fix another OPEN_DOWNGRADE bug (git-next).\n- nfs: fix nfs_size_to_loff_t (git-fixes).\n- nfs: Fix size of NFSACL SETACL operations (git-fixes).\n- nfs: Make nfs_readdir revalidate less often (bsc#1048232).\n- nfs: tidy up nfs_show_mountd_netid (git-fixes).\n- nfsv4: Do not call put_rpccred() under the rcu_read_lock() (git-fixes).\n- nfsv4: Fix another bug in the close/open_downgrade code (git-fixes).\n- nfsv4: fix getacl head length estimation (git-fixes).\n- nfsv4: Fix problems with close in the presence of a delegation (git-fixes).\n- nfsv4: Fix the underestimation of delegation XDR space reservation (git-fixes).\n- ocfs2: do not write error flag to user structure we cannot copy from/to (bsc#1013018).\n- ocfs2: Don't clear SGID when inheriting ACLs (bsc#1030552).\n- ocfs2: fix crash caused by stale lvb with fsdlm plugin (bsc#1013800).\n- ocfs2: fix error return code in ocfs2_info_handle_freefrag() (bsc#1013018).\n- ocfs2: NFS hangs in __ocfs2_cluster_lock due to race with ocfs2_unblock_lock (bsc#962257).\n- ocfs2: null deref on allocation error (bsc#1013018).\n- pci: Allow access to VPD attributes with size 0 (bsc#1018074).\n- pciback: only check PF if actually dealing with a VF (bsc#999245).\n- pciback: use pci_physfn() (bsc#999245).\n- pci: Fix devfn for VPD access through function 0 (bnc#943786 git-fixes).\n- perf/core: Correct event creation with PERF_FORMAT_GROUP (bnc#1013018).\n- perf/core: Fix event inheritance on fork() (bnc#1013018).\n- posix-timers: Fix stack info leak in timer_create() (bnc#1013018).\n- powerpc,cpuidle: Dont toggle CPUIDLE_FLAG_IGNORE while setting smt_snooze_delay (bsc#1023163).\n- powerpc: Drop support for pre-POWER4 cpus (fate#322495, bsc#1032471).\n- powerpc/fadump: Fix the race in crash_fadump() (bsc#1022971).\n- powerpc/fadump: Reserve memory at an offset closer to bottom of RAM (bsc#1032141).\n- powerpc/fadump: Update fadump documentation (bsc#1032141).\n- powerpc/mm: Do not alias user region to other regions below PAGE_OFFSET (bsc#928138,fate#319026).\n- powerpc/mm/hash: Check for non-kernel address in get_kernel_vsid() (fate#322495, bsc#1032471).\n- powerpc/mm/hash: Convert mask to unsigned long (fate#322495, bsc#1032471).\n- powerpc/mm/hash: Increase VA range to 128TB (fate#322495, bsc#1032471).\n- powerpc/mm/hash: Properly mask the ESID bits when building proto VSID (fate#322495, bsc#1032471).\n- powerpc/mm/hash: Support 68 bit VA (fate#322495, bsc#1032471).\n- powerpc/mm/hash: Use context ids 1-4 for the kernel (fate#322495, bsc#1032471).\n- powerpc/mm: Remove checks that TASK_SIZE_USER64 is too small (fate#322495, bsc#1032471).\n- powerpc/mm/slice: Convert slice_mask high slice to a bitmap (fate#322495, bsc#1032471).\n- powerpc/mm/slice: Fix off-by-1 error when computing slice mask (fate#322495, bsc#1032471).\n- powerpc/mm/slice: Move slice_mask struct definition to slice.c (fate#322495, bsc#1032471).\n- powerpc/mm/slice: Update slice mask printing to use bitmap printing (fate#322495, bsc#1032471).\n- powerpc/mm/slice: Update the function prototype (fate#322495, bsc#1032471).\n- powerpc/mm: use macro PGTABLE_EADDR_SIZE instead of digital (fate#322495, bsc#1032471).\n- powerpc/nvram: Fix an incorrect partition merge (bsc#1016489).\n- powerpc/pseries: Release DRC when configure_connector fails (bsc#1035777, Pending Base Kernel Fixes).\n- powerpc: Remove STAB code (fate#322495, bsc#1032471).\n- powerpc/vdso64: Use double word compare on pointers (bsc#1016489).\n- raid1: avoid unnecessary spin locks in I/O barrier code (bsc#982783,bsc#1026260).\n- random32: fix off-by-one in seeding requirement (git-fixes).\n- rcu: Call out dangers of expedited RCU primitives (bsc#1008893).\n- rcu: Direct algorithmic SRCU implementation (bsc#1008893).\n- rcu: Flip ->completed only once per SRCU grace period (bsc#1008893).\n- rcu: Implement a variant of Peter's SRCU algorithm (bsc#1008893).\n- rcu: Increment upper bit only for srcu_read_lock() (bsc#1008893).\n- rcu: Remove fast check path from __synchronize_srcu() (bsc#1008893).\n- reiserfs: Don't clear SGID when inheriting ACLs (bsc#1030552).\n- reiserfs: don't preallocate blocks for extended attributes (bsc#990682).\n- Remove patches causing regression (bsc#1043234)\n- Remove superfluous make flags (bsc#1012422)\n- Return short read or 0 at end of a raw device, not EIO (bsc#1039594).\n- Revert 'kabi:severeties: Add splice_write_to_file PASS' This reverts commit 05ecf7ab16b2ea555fadd1ce17d8177394de88f2.\n- Revert 'math64: New div64_u64_rem helper' (bnc#938352).\n- Revert 'xfs: fix up xfs_swap_extent_forks inline extent handling (bsc#1023888).' I was baing my assumption of SLE11-SP4 needing this patch on an old kernel build (3.0.101-63). Re-testing with the latest one 3.0.101-94 shows that the issue is not present. Furthermore this one was causing some crashes. This reverts commit 16ceeac70f7286b6232861c3170ed32e39dcc68c.\n- rfkill: fix rfkill_fop_read wait_event usage (bsc#1046192).\n- s390/kmsg: add missing kmsg descriptions (bnc#1025702, LTC#151573).\n- s390/qdio: clear DSCI prior to scanning multiple input queues (bnc#1046715, LTC#156234).\n- s390/qeth: no ETH header for outbound AF_IUCV (bnc#1046715, LTC#156276).\n- s390/qeth: size calculation outbound buffers (bnc#1046715, LTC#156276).\n- s390/vmlogrdr: fix IUCV buffer allocation (bnc#1025702, LTC#152144).\n- s390/zcrypt: Introduce CEX6 toleration (FATE#321782, LTC#147505).\n- sched: Always initialize cpu-power (bnc#1013018).\n- sched: Avoid cputime scaling overflow (bnc#938352).\n- sched: Avoid prev->stime underflow (bnc#938352).\n- sched/core: Fix TASK_DEAD race in finish_task_switch() (bnc#1013018).\n- sched/core: Remove false-positive warning from wake_up_process() (bnc#1044882).\n- sched/cputime: Do not scale when utime == 0 (bnc#938352).\n- sched/debug: Print the scheduler topology group mask (bnc#1013018).\n- sched: Do not account bogus utime (bnc#938352).\n- sched/fair, cpumask: Export for_each_cpu_wrap() (bnc#1013018).\n- sched/fair: Fix min_vruntime tracking (bnc#1013018).\n- sched: Fix domain iteration (bnc#1013018).\n- sched: Fix SD_OVERLAP (bnc#1013018).\n- sched/loadavg: Fix loadavg artifacts on fully idle and on fully loaded systems (bnc#1013018).\n- sched: Lower chances of cputime scaling overflow (bnc#938352).\n- sched: Move nr_cpus_allowed out of 'struct sched_rt_entity' (bnc#1013018). Prep for b60205c7c558 sched/fair: Fix min_vruntime tracking\n- sched: Rename a misleading variable in build_overlap_sched_groups() (bnc#1013018).\n- sched/rt: Fix PI handling vs. sched_setscheduler() (bnc#1013018). Prep for b60205c7c558 sched/fair: Fix min_vruntime tracking\n- sched/topology: Fix building of overlapping sched-groups (bnc#1013018).\n- sched/topology: Fix overlapping sched_group_capacity (bnc#1013018).\n- sched/topology: Fix overlapping sched_group_mask (bnc#1013018).\n- sched/topology: Move comment about asymmetric node setups (bnc#1013018).\n- sched/topology: Optimize build_group_mask() (bnc#1013018).\n- sched/topology: Refactor function build_overlap_sched_groups() (bnc#1013018).\n- sched/topology: Remove FORCE_SD_OVERLAP (bnc#1013018).\n- sched/topology: Simplify build_overlap_sched_groups() (bnc#1013018).\n- sched/topology: Verify the first group matches the child domain (bnc#1013018).\n- sched: Use swap() macro in scale_stime() (bnc#938352).\n- scsi: bnx2i: missing error code in bnx2i_ep_connect() (bsc#1048221).\n- scsi: fix race between simultaneous decrements of ->host_failed (bsc#1050154).\n- scsi: fnic: Correcting rport check location in fnic_queuecommand_lck (bsc#1035920).\n- scsi: mvsas: fix command_active typo (bsc#1050154).\n- scsi: qla2xxx: Fix scsi scan hang triggered if adapter fails during init (bsc#1050154).\n- scsi: virtio_scsi: fix memory leak on full queue condition (bsc#1028880).\n- scsi: zfcp: do not trace pure benign residual HBA responses at default level (bnc#1025702, LTC#151317).\n- scsi: zfcp: fix rport unblock race with LUN recovery (bnc#1025702, LTC#151319).\n- scsi: zfcp: fix use-after-free by not tracing WKA port open/close on failed send (bnc#1025702, LTC#151365).\n- scsi: zfcp: fix use-after-'free' in FC ingress path after TMF (bnc#1025702, LTC#151312).\n- sfc: do not device_attach if a reset is pending (bsc#909618 FATE#317521).\n- sfc: reduce severity of PIO buffer alloc failures (bsc#1019168).\n- smsc75xx: use skb_cow_head() to deal with cloned skbs (bsc#1045154).\n- splice: Stub splice_write_to_file (bsc#1043234).\n- sunrpc: Clean up the slot table allocation (bsc#1013862).\n- sunrpc: Fix a memory leak in the backchannel code (git-fixes).\n- sunrpc: Initalise the struct xprt upon allocation (bsc#1013862).\n- svcrdma: Fix send_reply() scatter/gather set-up (git-fixes).\n- target/iscsi: Fix double free in lio_target_tiqn_addtpg() (bsc#1050154).\n- tcp: abort orphan sockets stalling on zero window probes (bsc#1021913).\n- tracing: Fix syscall_*regfunc() vs copy_process() race (bnc#1042687).\n- tracing/kprobes: Enforce kprobes teardown after testing (bnc#1013018).\n- udf: Fix deadlock between writeback and udf_setsize() (bsc#1013018).\n- udf: Fix races with i_size changes during readpage (bsc#1013018).\n- Update metadata for serial fixes (bsc#1013070)\n- Update patches.fixes/nfs-svc-rdma.fix (bsc#1044854).\n- usb: cdc-acm: fix broken runtime suspend (bsc#1033771).\n- usb: cdc-acm: fix open and suspend race (bsc#1033771).\n- usb: cdc-acm: fix potential urb leak and PM imbalance in write (bsc#1033771).\n- usb: cdc-acm: fix runtime PM for control messages (bsc#1033771).\n- usb: cdc-acm: fix runtime PM imbalance at shutdown (bsc#1033771).\n- usb: cdc-acm: fix shutdown and suspend race (bsc#1033771).\n- usb: cdc-acm: fix write and resume race (bsc#1033771).\n- usb: cdc-acm: fix write and suspend race (bsc#1033771).\n- usb: class: usbtmc.c: Cleaning up uninitialized variables (bsc#1036288).\n- usb: class: usbtmc: do not print error when allocating urb fails (bsc#1036288).\n- usb: class: usbtmc: do not print on ENOMEM (bsc#1036288).\n- usb: hub: Fix crash after failure to read BOS descriptor (FATE#317453).\n- usb: iowarrior: fix info ioctl on big-endian hosts (bsc#1037441).\n- usb: iowarrior: fix NULL-deref in write (bsc#1037359).\n- usb: r8a66597-hcd: select a different endpoint on timeout (bsc#1047053).\n- usb: serial: ark3116: fix register-accessor error handling (git-fixes).\n- usb: serial: ch341: fix open error handling (bsc#1037441).\n- usb: serial: cp210x: fix tiocmget error handling (bsc#1037441).\n- usb: serial: ftdi_sio: fix line-status over-reporting (bsc#1037441).\n- usb: serial: io_edgeport: fix epic-descriptor handling (bsc#1037441).\n- usb: serial: io_ti: fix information leak in completion handler (git-fixes).\n- usb: serial: iuu_phoenix: fix NULL-deref at open (bsc#1033794).\n- usb: serial: kl5kusb105: fix line-state error handling (bsc#1021256).\n- usb: serial: mos7720: fix NULL-deref at open (bsc#1033816).\n- usb: serial: mos7720: fix parallel probe (bsc#1033816).\n- usb: serial: mos7720: fix parport use-after-free on probe errors (bsc#1033816).\n- usb: serial: mos7720: fix use-after-free on probe errors (bsc#1033816).\n- usb: serial: mos7840: fix another NULL-deref at open (bsc#1034026).\n- usb: serial: mos7840: fix NULL-deref at open (bsc#1034026).\n- usb: serial: oti6858: fix NULL-deref at open (bsc#1037441).\n- usb: serial: sierra: fix bogus alternate-setting assumption (bsc#1037441).\n- usb: serial: spcp8x5: fix NULL-deref at open (bsc#1037441).\n- usbtmc: remove redundant braces (bsc#1036288).\n- usbtmc: remove trailing spaces (bsc#1036288).\n- usb: usbip: fix nonconforming hub descriptor (bsc#1047487).\n- usb: usbtmc: add device quirk for Rigol DS6104 (bsc#1036288).\n- usb: usbtmc: Add flag rigol_quirk to usbtmc_device_data (bsc#1036288).\n- usb: usbtmc: add missing endpoint sanity check (bsc#1036288).\n- usb: usbtmc: Change magic number to constant (bsc#1036288).\n- usb: usbtmc: fix big-endian probe of Rigol devices (bsc#1036288).\n- usb: usbtmc: fix DMA on stack (bsc#1036288).\n- usb: usbtmc: fix probe error path (bsc#1036288).\n- usb: usbtmc: Set rigol_quirk if device is listed (bsc#1036288).\n- usb: usbtmc: TMC request code segregated from usbtmc_read (bsc#1036288).\n- usb: usbtmc: usbtmc_read sends multiple TMC header based on rigol_quirk (bsc#1036288).\n- usbvision: fix NULL-deref at probe (bsc#1050431).\n- usb: xhci-mem: use passed in GFP flags instead of GFP_KERNEL (bsc#1023014).\n- Use make --output-sync feature when available (bsc#1012422). The mesages in make output can interleave making it impossible to extract warnings reliably. Since version 4 GNU Make supports --output-sync flag that prints output of each sub-command atomically preventing this issue. Detect the flag and use it if available. SLE11 has make 3.81 so it is required to include make 4 in the kernel OBS projects to take advantege of this.\n- Use PF_LESS_THROTTLE in loop device thread (bsc#1027101).\n- uwb: hwa-rc: fix NULL-deref at probe (bsc#1037233).\n- uwb: i1480-dfu: fix NULL-deref at probe (bsc#1036629).\n- vb2: Fix an off by one error in 'vb2_plane_vaddr' (bsc#1050431).\n- vfs: split generic splice code from i_mutex locking (bsc#1024788).\n- vmxnet3: avoid calling pskb_may_pull with interrupts disabled (bsc#1045356).\n- vmxnet3: fix checks for dma mapping errors (bsc#1045356).\n- vmxnet3: fix lock imbalance in vmxnet3_tq_xmit() (bsc#1045356).\n- vmxnet3: segCnt can be 1 for LRO packets (bsc#988065, bsc#1029770).\n- x86, mm, paravirt: Fix vmalloc_fault oops during lazy MMU updates (bsc#948562).\n- x86/pci-calgary: Fix iommu_free() comparison of unsigned expression >= 0 (bsc#1051478).\n- xen: avoid deadlock in xenbus (bnc#1047523).\n- xen-blkfront: correct maximum segment accounting (bsc#1018263).\n- xen-blkfront: do not call talk_to_blkback when already connected to blkback.\n- xen-blkfront: free resources if xlvbd_alloc_gendisk fails.\n- xen/PCI-MSI: fix sysfs teardown in DomU (bsc#986924).\n- xfrm: dst_entries_init() per-net dst_ops (bsc#1030814).\n- xfrm: NULL dereference on allocation failure (bsc#1047343).\n- xfrm: Oops on error in pfkey_msg2xfrm_state() (bsc#1047653).\n- xfs_dmapi: fix the debug compilation of xfs_dmapi (bsc#989056).\n- xfs: do not assert fail on non-async buffers on ioacct decrement (bsc#1024508).\n- xfs: exclude never-released buffers from buftarg I/O accounting (bsc#1024508).\n- xfs: fix buffer overflow dm_get_dirattrs/dm_get_dirattrs2 (bsc#989056).\n- xfs: Fix lock ordering in splice write (bsc#1024788).\n- xfs: fix up xfs_swap_extent_forks inline extent handling (bsc#1023888).\n- xfs: kill xfs_itruncate_start (bsc#1024788).\n- xfs: Make xfs_icdinode->di_dmstate atomic_t (bsc#1024788).\n- xfs: remove the i_new_size field in struct xfs_inode (bsc#1024788).\n- xfs: remove the i_size field in struct xfs_inode (bsc#1024788).\n- xfs: remove xfs_itruncate_data (bsc#1024788).\n- xfs: replace global xfslogd wq with per-mount wq (bsc#1024508).\n- xfs: split xfs_itruncate_finish (bsc#1024788).\n- xfs: split xfs_setattr (bsc#1024788).\n- xfs: Synchronize xfs_buf disposal routines (bsc#1041160).\n- xfs: track and serialize in-flight async buffers against unmount (bsc#1024508).\n- xfs: use ->b_state to fix buffer I/O accounting release race (bsc#1041160).\n- xprtrdma: Free the pd if ib_query_qp() fails (git-fixes).\n",
            title: "Description of the patch",
         },
         {
            category: "details",
            text: "slertesp4-kernel-rt-13262",
            title: "Patchnames",
         },
         {
            category: "legal_disclaimer",
            text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
            title: "Terms of use",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "https://www.suse.com/support/security/contact/",
         name: "SUSE Product Security Team",
         namespace: "https://www.suse.com/",
      },
      references: [
         {
            category: "external",
            summary: "SUSE ratings",
            url: "https://www.suse.com/support/security/rating/",
         },
         {
            category: "self",
            summary: "URL of this CSAF notice",
            url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_2342-1.json",
         },
         {
            category: "self",
            summary: "URL for SUSE-SU-2017:2342-1",
            url: "https://www.suse.com/support/update/announcement/2017/suse-su-20172342-1/",
         },
         {
            category: "self",
            summary: "E-Mail link for SUSE-SU-2017:2342-1",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2017-September/003182.html",
         },
         {
            category: "self",
            summary: "SUSE Bug 1003077",
            url: "https://bugzilla.suse.com/1003077",
         },
         {
            category: "self",
            summary: "SUSE Bug 1005651",
            url: "https://bugzilla.suse.com/1005651",
         },
         {
            category: "self",
            summary: "SUSE Bug 1008374",
            url: "https://bugzilla.suse.com/1008374",
         },
         {
            category: "self",
            summary: "SUSE Bug 1008850",
            url: "https://bugzilla.suse.com/1008850",
         },
         {
            category: "self",
            summary: "SUSE Bug 1008893",
            url: "https://bugzilla.suse.com/1008893",
         },
         {
            category: "self",
            summary: "SUSE Bug 1012422",
            url: "https://bugzilla.suse.com/1012422",
         },
         {
            category: "self",
            summary: "SUSE Bug 1013018",
            url: "https://bugzilla.suse.com/1013018",
         },
         {
            category: "self",
            summary: "SUSE Bug 1013070",
            url: "https://bugzilla.suse.com/1013070",
         },
         {
            category: "self",
            summary: "SUSE Bug 1013800",
            url: "https://bugzilla.suse.com/1013800",
         },
         {
            category: "self",
            summary: "SUSE Bug 1013862",
            url: "https://bugzilla.suse.com/1013862",
         },
         {
            category: "self",
            summary: "SUSE Bug 1016489",
            url: "https://bugzilla.suse.com/1016489",
         },
         {
            category: "self",
            summary: "SUSE Bug 1017143",
            url: "https://bugzilla.suse.com/1017143",
         },
         {
            category: "self",
            summary: "SUSE Bug 1018074",
            url: "https://bugzilla.suse.com/1018074",
         },
         {
            category: "self",
            summary: "SUSE Bug 1018263",
            url: "https://bugzilla.suse.com/1018263",
         },
         {
            category: "self",
            summary: "SUSE Bug 1018446",
            url: "https://bugzilla.suse.com/1018446",
         },
         {
            category: "self",
            summary: "SUSE Bug 1019168",
            url: "https://bugzilla.suse.com/1019168",
         },
         {
            category: "self",
            summary: "SUSE Bug 1020229",
            url: "https://bugzilla.suse.com/1020229",
         },
         {
            category: "self",
            summary: "SUSE Bug 1021256",
            url: "https://bugzilla.suse.com/1021256",
         },
         {
            category: "self",
            summary: "SUSE Bug 1021913",
            url: "https://bugzilla.suse.com/1021913",
         },
         {
            category: "self",
            summary: "SUSE Bug 1022971",
            url: "https://bugzilla.suse.com/1022971",
         },
         {
            category: "self",
            summary: "SUSE Bug 1023014",
            url: "https://bugzilla.suse.com/1023014",
         },
         {
            category: "self",
            summary: "SUSE Bug 1023051",
            url: "https://bugzilla.suse.com/1023051",
         },
         {
            category: "self",
            summary: "SUSE Bug 1023163",
            url: "https://bugzilla.suse.com/1023163",
         },
         {
            category: "self",
            summary: "SUSE Bug 1023888",
            url: "https://bugzilla.suse.com/1023888",
         },
         {
            category: "self",
            summary: "SUSE Bug 1024508",
            url: "https://bugzilla.suse.com/1024508",
         },
         {
            category: "self",
            summary: "SUSE Bug 1024788",
            url: "https://bugzilla.suse.com/1024788",
         },
         {
            category: "self",
            summary: "SUSE Bug 1024938",
            url: "https://bugzilla.suse.com/1024938",
         },
         {
            category: "self",
            summary: "SUSE Bug 1025235",
            url: "https://bugzilla.suse.com/1025235",
         },
         {
            category: "self",
            summary: "SUSE Bug 1025702",
            url: "https://bugzilla.suse.com/1025702",
         },
         {
            category: "self",
            summary: "SUSE Bug 1026024",
            url: "https://bugzilla.suse.com/1026024",
         },
         {
            category: "self",
            summary: "SUSE Bug 1026260",
            url: "https://bugzilla.suse.com/1026260",
         },
         {
            category: "self",
            summary: "SUSE Bug 1026722",
            url: "https://bugzilla.suse.com/1026722",
         },
         {
            category: "self",
            summary: "SUSE Bug 1026914",
            url: "https://bugzilla.suse.com/1026914",
         },
         {
            category: "self",
            summary: "SUSE Bug 1027066",
            url: "https://bugzilla.suse.com/1027066",
         },
         {
            category: "self",
            summary: "SUSE Bug 1027101",
            url: "https://bugzilla.suse.com/1027101",
         },
         {
            category: "self",
            summary: "SUSE Bug 1027178",
            url: "https://bugzilla.suse.com/1027178",
         },
         {
            category: "self",
            summary: "SUSE Bug 1027565",
            url: "https://bugzilla.suse.com/1027565",
         },
         {
            category: "self",
            summary: "SUSE Bug 1028372",
            url: "https://bugzilla.suse.com/1028372",
         },
         {
            category: "self",
            summary: "SUSE Bug 1028415",
            url: "https://bugzilla.suse.com/1028415",
         },
         {
            category: "self",
            summary: "SUSE Bug 1028880",
            url: "https://bugzilla.suse.com/1028880",
         },
         {
            category: "self",
            summary: "SUSE Bug 1029140",
            url: "https://bugzilla.suse.com/1029140",
         },
         {
            category: "self",
            summary: "SUSE Bug 1029212",
            url: "https://bugzilla.suse.com/1029212",
         },
         {
            category: "self",
            summary: "SUSE Bug 1029770",
            url: "https://bugzilla.suse.com/1029770",
         },
         {
            category: "self",
            summary: "SUSE Bug 1029850",
            url: "https://bugzilla.suse.com/1029850",
         },
         {
            category: "self",
            summary: "SUSE Bug 1030213",
            url: "https://bugzilla.suse.com/1030213",
         },
         {
            category: "self",
            summary: "SUSE Bug 1030552",
            url: "https://bugzilla.suse.com/1030552",
         },
         {
            category: "self",
            summary: "SUSE Bug 1030573",
            url: "https://bugzilla.suse.com/1030573",
         },
         {
            category: "self",
            summary: "SUSE Bug 1030593",
            url: "https://bugzilla.suse.com/1030593",
         },
         {
            category: "self",
            summary: "SUSE Bug 1030814",
            url: "https://bugzilla.suse.com/1030814",
         },
         {
            category: "self",
            summary: "SUSE Bug 1031003",
            url: "https://bugzilla.suse.com/1031003",
         },
         {
            category: "self",
            summary: "SUSE Bug 1031052",
            url: "https://bugzilla.suse.com/1031052",
         },
         {
            category: "self",
            summary: "SUSE Bug 1031440",
            url: "https://bugzilla.suse.com/1031440",
         },
         {
            category: "self",
            summary: "SUSE Bug 1031579",
            url: "https://bugzilla.suse.com/1031579",
         },
         {
            category: "self",
            summary: "SUSE Bug 1032141",
            url: "https://bugzilla.suse.com/1032141",
         },
         {
            category: "self",
            summary: "SUSE Bug 1032340",
            url: "https://bugzilla.suse.com/1032340",
         },
         {
            category: "self",
            summary: "SUSE Bug 1032471",
            url: "https://bugzilla.suse.com/1032471",
         },
         {
            category: "self",
            summary: "SUSE Bug 1033287",
            url: "https://bugzilla.suse.com/1033287",
         },
         {
            category: "self",
            summary: "SUSE Bug 1033336",
            url: "https://bugzilla.suse.com/1033336",
         },
         {
            category: "self",
            summary: "SUSE Bug 1033771",
            url: "https://bugzilla.suse.com/1033771",
         },
         {
            category: "self",
            summary: "SUSE Bug 1033794",
            url: "https://bugzilla.suse.com/1033794",
         },
         {
            category: "self",
            summary: "SUSE Bug 1033804",
            url: "https://bugzilla.suse.com/1033804",
         },
         {
            category: "self",
            summary: "SUSE Bug 1033816",
            url: "https://bugzilla.suse.com/1033816",
         },
         {
            category: "self",
            summary: "SUSE Bug 1034026",
            url: "https://bugzilla.suse.com/1034026",
         },
         {
            category: "self",
            summary: "SUSE Bug 1034670",
            url: "https://bugzilla.suse.com/1034670",
         },
         {
            category: "self",
            summary: "SUSE Bug 1035576",
            url: "https://bugzilla.suse.com/1035576",
         },
         {
            category: "self",
            summary: "SUSE Bug 1035777",
            url: "https://bugzilla.suse.com/1035777",
         },
         {
            category: "self",
            summary: "SUSE Bug 1035920",
            url: "https://bugzilla.suse.com/1035920",
         },
         {
            category: "self",
            summary: "SUSE Bug 1036056",
            url: "https://bugzilla.suse.com/1036056",
         },
         {
            category: "self",
            summary: "SUSE Bug 1036288",
            url: "https://bugzilla.suse.com/1036288",
         },
         {
            category: "self",
            summary: "SUSE Bug 1036629",
            url: "https://bugzilla.suse.com/1036629",
         },
         {
            category: "self",
            summary: "SUSE Bug 1037182",
            url: "https://bugzilla.suse.com/1037182",
         },
         {
            category: "self",
            summary: "SUSE Bug 1037183",
            url: "https://bugzilla.suse.com/1037183",
         },
         {
            category: "self",
            summary: "SUSE Bug 1037191",
            url: "https://bugzilla.suse.com/1037191",
         },
         {
            category: "self",
            summary: "SUSE Bug 1037193",
            url: "https://bugzilla.suse.com/1037193",
         },
         {
            category: "self",
            summary: "SUSE Bug 1037227",
            url: "https://bugzilla.suse.com/1037227",
         },
         {
            category: "self",
            summary: "SUSE Bug 1037232",
            url: "https://bugzilla.suse.com/1037232",
         },
         {
            category: "self",
            summary: "SUSE Bug 1037233",
            url: "https://bugzilla.suse.com/1037233",
         },
         {
            category: "self",
            summary: "SUSE Bug 1037356",
            url: "https://bugzilla.suse.com/1037356",
         },
         {
            category: "self",
            summary: "SUSE Bug 1037358",
            url: "https://bugzilla.suse.com/1037358",
         },
         {
            category: "self",
            summary: "SUSE Bug 1037359",
            url: "https://bugzilla.suse.com/1037359",
         },
         {
            category: "self",
            summary: "SUSE Bug 1037441",
            url: "https://bugzilla.suse.com/1037441",
         },
         {
            category: "self",
            summary: "SUSE Bug 1038544",
            url: "https://bugzilla.suse.com/1038544",
         },
         {
            category: "self",
            summary: "SUSE Bug 1038879",
            url: "https://bugzilla.suse.com/1038879",
         },
         {
            category: "self",
            summary: "SUSE Bug 1038981",
            url: "https://bugzilla.suse.com/1038981",
         },
         {
            category: "self",
            summary: "SUSE Bug 1038982",
            url: "https://bugzilla.suse.com/1038982",
         },
         {
            category: "self",
            summary: "SUSE Bug 1039258",
            url: "https://bugzilla.suse.com/1039258",
         },
         {
            category: "self",
            summary: "SUSE Bug 1039348",
            url: "https://bugzilla.suse.com/1039348",
         },
         {
            category: "self",
            summary: "SUSE Bug 1039354",
            url: "https://bugzilla.suse.com/1039354",
         },
         {
            category: "self",
            summary: "SUSE Bug 1039456",
            url: "https://bugzilla.suse.com/1039456",
         },
         {
            category: "self",
            summary: "SUSE Bug 1039594",
            url: "https://bugzilla.suse.com/1039594",
         },
         {
            category: "self",
            summary: "SUSE Bug 1039882",
            url: "https://bugzilla.suse.com/1039882",
         },
         {
            category: "self",
            summary: "SUSE Bug 1039883",
            url: "https://bugzilla.suse.com/1039883",
         },
         {
            category: "self",
            summary: "SUSE Bug 1039885",
            url: "https://bugzilla.suse.com/1039885",
         },
         {
            category: "self",
            summary: "SUSE Bug 1040069",
            url: "https://bugzilla.suse.com/1040069",
         },
         {
            category: "self",
            summary: "SUSE Bug 1040351",
            url: "https://bugzilla.suse.com/1040351",
         },
         {
            category: "self",
            summary: "SUSE Bug 1041160",
            url: "https://bugzilla.suse.com/1041160",
         },
         {
            category: "self",
            summary: "SUSE Bug 1041431",
            url: "https://bugzilla.suse.com/1041431",
         },
         {
            category: "self",
            summary: "SUSE Bug 1041762",
            url: "https://bugzilla.suse.com/1041762",
         },
         {
            category: "self",
            summary: "SUSE Bug 1041975",
            url: "https://bugzilla.suse.com/1041975",
         },
         {
            category: "self",
            summary: "SUSE Bug 1042045",
            url: "https://bugzilla.suse.com/1042045",
         },
         {
            category: "self",
            summary: "SUSE Bug 1042200",
            url: "https://bugzilla.suse.com/1042200",
         },
         {
            category: "self",
            summary: "SUSE Bug 1042615",
            url: "https://bugzilla.suse.com/1042615",
         },
         {
            category: "self",
            summary: "SUSE Bug 1042633",
            url: "https://bugzilla.suse.com/1042633",
         },
         {
            category: "self",
            summary: "SUSE Bug 1042687",
            url: "https://bugzilla.suse.com/1042687",
         },
         {
            category: "self",
            summary: "SUSE Bug 1042832",
            url: "https://bugzilla.suse.com/1042832",
         },
         {
            category: "self",
            summary: "SUSE Bug 1043014",
            url: "https://bugzilla.suse.com/1043014",
         },
         {
            category: "self",
            summary: "SUSE Bug 1043234",
            url: "https://bugzilla.suse.com/1043234",
         },
         {
            category: "self",
            summary: "SUSE Bug 1043935",
            url: "https://bugzilla.suse.com/1043935",
         },
         {
            category: "self",
            summary: "SUSE Bug 1044015",
            url: "https://bugzilla.suse.com/1044015",
         },
         {
            category: "self",
            summary: "SUSE Bug 1044125",
            url: "https://bugzilla.suse.com/1044125",
         },
         {
            category: "self",
            summary: "SUSE Bug 1044216",
            url: "https://bugzilla.suse.com/1044216",
         },
         {
            category: "self",
            summary: "SUSE Bug 1044230",
            url: "https://bugzilla.suse.com/1044230",
         },
         {
            category: "self",
            summary: "SUSE Bug 1044854",
            url: "https://bugzilla.suse.com/1044854",
         },
         {
            category: "self",
            summary: "SUSE Bug 1044882",
            url: "https://bugzilla.suse.com/1044882",
         },
         {
            category: "self",
            summary: "SUSE Bug 1044913",
            url: "https://bugzilla.suse.com/1044913",
         },
         {
            category: "self",
            summary: "SUSE Bug 1044985",
            url: "https://bugzilla.suse.com/1044985",
         },
         {
            category: "self",
            summary: "SUSE Bug 1045154",
            url: "https://bugzilla.suse.com/1045154",
         },
         {
            category: "self",
            summary: "SUSE Bug 1045340",
            url: "https://bugzilla.suse.com/1045340",
         },
         {
            category: "self",
            summary: "SUSE Bug 1045356",
            url: "https://bugzilla.suse.com/1045356",
         },
         {
            category: "self",
            summary: "SUSE Bug 1045406",
            url: "https://bugzilla.suse.com/1045406",
         },
         {
            category: "self",
            summary: "SUSE Bug 1045416",
            url: "https://bugzilla.suse.com/1045416",
         },
         {
            category: "self",
            summary: "SUSE Bug 1045525",
            url: "https://bugzilla.suse.com/1045525",
         },
         {
            category: "self",
            summary: "SUSE Bug 1045538",
            url: "https://bugzilla.suse.com/1045538",
         },
         {
            category: "self",
            summary: "SUSE Bug 1045547",
            url: "https://bugzilla.suse.com/1045547",
         },
         {
            category: "self",
            summary: "SUSE Bug 1045615",
            url: "https://bugzilla.suse.com/1045615",
         },
         {
            category: "self",
            summary: "SUSE Bug 1046107",
            url: "https://bugzilla.suse.com/1046107",
         },
         {
            category: "self",
            summary: "SUSE Bug 1046122",
            url: "https://bugzilla.suse.com/1046122",
         },
         {
            category: "self",
            summary: "SUSE Bug 1046192",
            url: "https://bugzilla.suse.com/1046192",
         },
         {
            category: "self",
            summary: "SUSE Bug 1046715",
            url: "https://bugzilla.suse.com/1046715",
         },
         {
            category: "self",
            summary: "SUSE Bug 1047027",
            url: "https://bugzilla.suse.com/1047027",
         },
         {
            category: "self",
            summary: "SUSE Bug 1047053",
            url: "https://bugzilla.suse.com/1047053",
         },
         {
            category: "self",
            summary: "SUSE Bug 1047343",
            url: "https://bugzilla.suse.com/1047343",
         },
         {
            category: "self",
            summary: "SUSE Bug 1047354",
            url: "https://bugzilla.suse.com/1047354",
         },
         {
            category: "self",
            summary: "SUSE Bug 1047487",
            url: "https://bugzilla.suse.com/1047487",
         },
         {
            category: "self",
            summary: "SUSE Bug 1047523",
            url: "https://bugzilla.suse.com/1047523",
         },
         {
            category: "self",
            summary: "SUSE Bug 1047653",
            url: "https://bugzilla.suse.com/1047653",
         },
         {
            category: "self",
            summary: "SUSE Bug 1048185",
            url: "https://bugzilla.suse.com/1048185",
         },
         {
            category: "self",
            summary: "SUSE Bug 1048221",
            url: "https://bugzilla.suse.com/1048221",
         },
         {
            category: "self",
            summary: "SUSE Bug 1048232",
            url: "https://bugzilla.suse.com/1048232",
         },
         {
            category: "self",
            summary: "SUSE Bug 1048275",
            url: "https://bugzilla.suse.com/1048275",
         },
         {
            category: "self",
            summary: "SUSE Bug 1049483",
            url: "https://bugzilla.suse.com/1049483",
         },
         {
            category: "self",
            summary: "SUSE Bug 1049603",
            url: "https://bugzilla.suse.com/1049603",
         },
         {
            category: "self",
            summary: "SUSE Bug 1049688",
            url: "https://bugzilla.suse.com/1049688",
         },
         {
            category: "self",
            summary: "SUSE Bug 1049882",
            url: "https://bugzilla.suse.com/1049882",
         },
         {
            category: "self",
            summary: "SUSE Bug 1050154",
            url: "https://bugzilla.suse.com/1050154",
         },
         {
            category: "self",
            summary: "SUSE Bug 1050431",
            url: "https://bugzilla.suse.com/1050431",
         },
         {
            category: "self",
            summary: "SUSE Bug 1051478",
            url: "https://bugzilla.suse.com/1051478",
         },
         {
            category: "self",
            summary: "SUSE Bug 1051515",
            url: "https://bugzilla.suse.com/1051515",
         },
         {
            category: "self",
            summary: "SUSE Bug 1051770",
            url: "https://bugzilla.suse.com/1051770",
         },
         {
            category: "self",
            summary: "SUSE Bug 784815",
            url: "https://bugzilla.suse.com/784815",
         },
         {
            category: "self",
            summary: "SUSE Bug 792863",
            url: "https://bugzilla.suse.com/792863",
         },
         {
            category: "self",
            summary: "SUSE Bug 799133",
            url: "https://bugzilla.suse.com/799133",
         },
         {
            category: "self",
            summary: "SUSE Bug 870618",
            url: "https://bugzilla.suse.com/870618",
         },
         {
            category: "self",
            summary: "SUSE Bug 909486",
            url: "https://bugzilla.suse.com/909486",
         },
         {
            category: "self",
            summary: "SUSE Bug 909618",
            url: "https://bugzilla.suse.com/909618",
         },
         {
            category: "self",
            summary: "SUSE Bug 911105",
            url: "https://bugzilla.suse.com/911105",
         },
         {
            category: "self",
            summary: "SUSE Bug 919382",
            url: "https://bugzilla.suse.com/919382",
         },
         {
            category: "self",
            summary: "SUSE Bug 928138",
            url: "https://bugzilla.suse.com/928138",
         },
         {
            category: "self",
            summary: "SUSE Bug 931620",
            url: "https://bugzilla.suse.com/931620",
         },
         {
            category: "self",
            summary: "SUSE Bug 938352",
            url: "https://bugzilla.suse.com/938352",
         },
         {
            category: "self",
            summary: "SUSE Bug 943786",
            url: "https://bugzilla.suse.com/943786",
         },
         {
            category: "self",
            summary: "SUSE Bug 948562",
            url: "https://bugzilla.suse.com/948562",
         },
         {
            category: "self",
            summary: "SUSE Bug 962257",
            url: "https://bugzilla.suse.com/962257",
         },
         {
            category: "self",
            summary: "SUSE Bug 970956",
            url: "https://bugzilla.suse.com/970956",
         },
         {
            category: "self",
            summary: "SUSE Bug 971975",
            url: "https://bugzilla.suse.com/971975",
         },
         {
            category: "self",
            summary: "SUSE Bug 972891",
            url: "https://bugzilla.suse.com/972891",
         },
         {
            category: "self",
            summary: "SUSE Bug 979021",
            url: "https://bugzilla.suse.com/979021",
         },
         {
            category: "self",
            summary: "SUSE Bug 982783",
            url: "https://bugzilla.suse.com/982783",
         },
         {
            category: "self",
            summary: "SUSE Bug 983212",
            url: "https://bugzilla.suse.com/983212",
         },
         {
            category: "self",
            summary: "SUSE Bug 985561",
            url: "https://bugzilla.suse.com/985561",
         },
         {
            category: "self",
            summary: "SUSE Bug 986362",
            url: "https://bugzilla.suse.com/986362",
         },
         {
            category: "self",
            summary: "SUSE Bug 986365",
            url: "https://bugzilla.suse.com/986365",
         },
         {
            category: "self",
            summary: "SUSE Bug 986924",
            url: "https://bugzilla.suse.com/986924",
         },
         {
            category: "self",
            summary: "SUSE Bug 988065",
            url: "https://bugzilla.suse.com/988065",
         },
         {
            category: "self",
            summary: "SUSE Bug 989056",
            url: "https://bugzilla.suse.com/989056",
         },
         {
            category: "self",
            summary: "SUSE Bug 990682",
            url: "https://bugzilla.suse.com/990682",
         },
         {
            category: "self",
            summary: "SUSE Bug 991651",
            url: "https://bugzilla.suse.com/991651",
         },
         {
            category: "self",
            summary: "SUSE Bug 995542",
            url: "https://bugzilla.suse.com/995542",
         },
         {
            category: "self",
            summary: "SUSE Bug 999245",
            url: "https://bugzilla.suse.com/999245",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2014-9922 page",
            url: "https://www.suse.com/security/cve/CVE-2014-9922/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2015-3288 page",
            url: "https://www.suse.com/security/cve/CVE-2015-3288/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2015-8970 page",
            url: "https://www.suse.com/security/cve/CVE-2015-8970/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-10200 page",
            url: "https://www.suse.com/security/cve/CVE-2016-10200/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-2188 page",
            url: "https://www.suse.com/security/cve/CVE-2016-2188/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-4997 page",
            url: "https://www.suse.com/security/cve/CVE-2016-4997/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-5243 page",
            url: "https://www.suse.com/security/cve/CVE-2016-5243/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-7117 page",
            url: "https://www.suse.com/security/cve/CVE-2016-7117/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-1000363 page",
            url: "https://www.suse.com/security/cve/CVE-2017-1000363/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-1000364 page",
            url: "https://www.suse.com/security/cve/CVE-2017-1000364/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-1000365 page",
            url: "https://www.suse.com/security/cve/CVE-2017-1000365/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-1000380 page",
            url: "https://www.suse.com/security/cve/CVE-2017-1000380/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-11176 page",
            url: "https://www.suse.com/security/cve/CVE-2017-11176/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-11473 page",
            url: "https://www.suse.com/security/cve/CVE-2017-11473/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-2636 page",
            url: "https://www.suse.com/security/cve/CVE-2017-2636/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-2647 page",
            url: "https://www.suse.com/security/cve/CVE-2017-2647/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-2671 page",
            url: "https://www.suse.com/security/cve/CVE-2017-2671/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-5669 page",
            url: "https://www.suse.com/security/cve/CVE-2017-5669/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-5970 page",
            url: "https://www.suse.com/security/cve/CVE-2017-5970/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-5986 page",
            url: "https://www.suse.com/security/cve/CVE-2017-5986/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-6074 page",
            url: "https://www.suse.com/security/cve/CVE-2017-6074/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-6214 page",
            url: "https://www.suse.com/security/cve/CVE-2017-6214/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-6348 page",
            url: "https://www.suse.com/security/cve/CVE-2017-6348/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-6353 page",
            url: "https://www.suse.com/security/cve/CVE-2017-6353/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-6951 page",
            url: "https://www.suse.com/security/cve/CVE-2017-6951/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-7184 page",
            url: "https://www.suse.com/security/cve/CVE-2017-7184/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-7187 page",
            url: "https://www.suse.com/security/cve/CVE-2017-7187/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-7261 page",
            url: "https://www.suse.com/security/cve/CVE-2017-7261/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-7294 page",
            url: "https://www.suse.com/security/cve/CVE-2017-7294/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-7308 page",
            url: "https://www.suse.com/security/cve/CVE-2017-7308/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-7482 page",
            url: "https://www.suse.com/security/cve/CVE-2017-7482/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-7487 page",
            url: "https://www.suse.com/security/cve/CVE-2017-7487/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-7533 page",
            url: "https://www.suse.com/security/cve/CVE-2017-7533/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-7542 page",
            url: "https://www.suse.com/security/cve/CVE-2017-7542/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-7616 page",
            url: "https://www.suse.com/security/cve/CVE-2017-7616/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-8890 page",
            url: "https://www.suse.com/security/cve/CVE-2017-8890/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-8924 page",
            url: "https://www.suse.com/security/cve/CVE-2017-8924/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-8925 page",
            url: "https://www.suse.com/security/cve/CVE-2017-8925/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-9074 page",
            url: "https://www.suse.com/security/cve/CVE-2017-9074/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-9075 page",
            url: "https://www.suse.com/security/cve/CVE-2017-9075/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-9076 page",
            url: "https://www.suse.com/security/cve/CVE-2017-9076/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-9077 page",
            url: "https://www.suse.com/security/cve/CVE-2017-9077/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-9242 page",
            url: "https://www.suse.com/security/cve/CVE-2017-9242/",
         },
      ],
      title: "Security update for the Linux Kernel",
      tracking: {
         current_release_date: "2017-09-04T13:37:48Z",
         generator: {
            date: "2017-09-04T13:37:48Z",
            engine: {
               name: "cve-database.git:bin/generate-csaf.pl",
               version: "1",
            },
         },
         id: "SUSE-SU-2017:2342-1",
         initial_release_date: "2017-09-04T13:37:48Z",
         revision_history: [
            {
               date: "2017-09-04T13:37:48Z",
               number: "1",
               summary: "Current version",
            },
         ],
         status: "final",
         version: "1",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                        product: {
                           name: "kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                           product_id: "kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                        product: {
                           name: "kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                           product_id: "kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                        product: {
                           name: "kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                           product_id: "kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                        product: {
                           name: "kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                           product_id: "kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                        product: {
                           name: "kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                           product_id: "kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                        product: {
                           name: "kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                           product_id: "kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                        product: {
                           name: "kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                           product_id: "kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
                        product: {
                           name: "kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
                           product_id: "kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "x86_64",
               },
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Real Time 11 SP4",
                        product: {
                           name: "SUSE Linux Enterprise Real Time 11 SP4",
                           product_id: "SUSE Linux Enterprise Real Time 11 SP4",
                           product_identification_helper: {
                              cpe: "cpe:/a:suse:suse-linux-enterprise-rt:11:sp4",
                           },
                        },
                     },
                  ],
                  category: "product_family",
                  name: "SUSE Linux Enterprise",
               },
            ],
            category: "vendor",
            name: "SUSE",
         },
      ],
      relationships: [
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-rt-3.0.101.rt130-69.5.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
               product_id: "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            },
            product_reference: "kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Real Time 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-rt-base-3.0.101.rt130-69.5.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
               product_id: "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            },
            product_reference: "kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Real Time 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
               product_id: "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            },
            product_reference: "kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Real Time 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
               product_id: "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            },
            product_reference: "kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Real Time 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
               product_id: "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            },
            product_reference: "kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Real Time 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
               product_id: "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            },
            product_reference: "kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Real Time 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-source-rt-3.0.101.rt130-69.5.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
               product_id: "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            },
            product_reference: "kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Real Time 11 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
               product_id: "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            },
            product_reference: "kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Real Time 11 SP4",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2014-9922",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2014-9922",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The eCryptfs subsystem in the Linux kernel before 3.18 allows local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2014-9922",
               url: "https://www.suse.com/security/cve/CVE-2014-9922",
            },
            {
               category: "external",
               summary: "SUSE Bug 1032340 for CVE-2014-9922",
               url: "https://bugzilla.suse.com/1032340",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "moderate",
            },
         ],
         title: "CVE-2014-9922",
      },
      {
         cve: "CVE-2015-3288",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2015-3288",
            },
         ],
         notes: [
            {
               category: "general",
               text: "mm/memory.c in the Linux kernel before 4.1.4 mishandles anonymous pages, which allows local users to gain privileges or cause a denial of service (page tainting) via a crafted application that triggers writing to page zero.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2015-3288",
               url: "https://www.suse.com/security/cve/CVE-2015-3288",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2015-3288",
               url: "https://bugzilla.suse.com/1115893",
            },
            {
               category: "external",
               summary: "SUSE Bug 979021 for CVE-2015-3288",
               url: "https://bugzilla.suse.com/979021",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "moderate",
            },
         ],
         title: "CVE-2015-3288",
      },
      {
         cve: "CVE-2015-8970",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2015-8970",
            },
         ],
         notes: [
            {
               category: "general",
               text: "crypto/algif_skcipher.c in the Linux kernel before 4.4.2 does not verify that a setkey operation has been performed on an AF_ALG socket before an accept system call is processed, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted application that does not supply a key, related to the lrw_crypt function in crypto/lrw.c.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2015-8970",
               url: "https://www.suse.com/security/cve/CVE-2015-8970",
            },
            {
               category: "external",
               summary: "SUSE Bug 1008374 for CVE-2015-8970",
               url: "https://bugzilla.suse.com/1008374",
            },
            {
               category: "external",
               summary: "SUSE Bug 1008850 for CVE-2015-8970",
               url: "https://bugzilla.suse.com/1008850",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "moderate",
            },
         ],
         title: "CVE-2015-8970",
      },
      {
         cve: "CVE-2016-10200",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-10200",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-10200",
               url: "https://www.suse.com/security/cve/CVE-2016-10200",
            },
            {
               category: "external",
               summary: "SUSE Bug 1027179 for CVE-2016-10200",
               url: "https://bugzilla.suse.com/1027179",
            },
            {
               category: "external",
               summary: "SUSE Bug 1028415 for CVE-2016-10200",
               url: "https://bugzilla.suse.com/1028415",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "low",
            },
         ],
         title: "CVE-2016-10200",
      },
      {
         cve: "CVE-2016-2188",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-2188",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-2188",
               url: "https://www.suse.com/security/cve/CVE-2016-2188",
            },
            {
               category: "external",
               summary: "SUSE Bug 1020452 for CVE-2016-2188",
               url: "https://bugzilla.suse.com/1020452",
            },
            {
               category: "external",
               summary: "SUSE Bug 1067912 for CVE-2016-2188",
               url: "https://bugzilla.suse.com/1067912",
            },
            {
               category: "external",
               summary: "SUSE Bug 1132190 for CVE-2016-2188",
               url: "https://bugzilla.suse.com/1132190",
            },
            {
               category: "external",
               summary: "SUSE Bug 970956 for CVE-2016-2188",
               url: "https://bugzilla.suse.com/970956",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.6,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "moderate",
            },
         ],
         title: "CVE-2016-2188",
      },
      {
         cve: "CVE-2016-4997",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-4997",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-4997",
               url: "https://www.suse.com/security/cve/CVE-2016-4997",
            },
            {
               category: "external",
               summary: "SUSE Bug 1020452 for CVE-2016-4997",
               url: "https://bugzilla.suse.com/1020452",
            },
            {
               category: "external",
               summary: "SUSE Bug 986362 for CVE-2016-4997",
               url: "https://bugzilla.suse.com/986362",
            },
            {
               category: "external",
               summary: "SUSE Bug 986365 for CVE-2016-4997",
               url: "https://bugzilla.suse.com/986365",
            },
            {
               category: "external",
               summary: "SUSE Bug 986377 for CVE-2016-4997",
               url: "https://bugzilla.suse.com/986377",
            },
            {
               category: "external",
               summary: "SUSE Bug 991651 for CVE-2016-4997",
               url: "https://bugzilla.suse.com/991651",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "important",
            },
         ],
         title: "CVE-2016-4997",
      },
      {
         cve: "CVE-2016-5243",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-5243",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel through 4.6.3 does not properly copy a certain string, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-5243",
               url: "https://www.suse.com/security/cve/CVE-2016-5243",
            },
            {
               category: "external",
               summary: "SUSE Bug 983212 for CVE-2016-5243",
               url: "https://bugzilla.suse.com/983212",
            },
            {
               category: "external",
               summary: "SUSE Bug 986225 for CVE-2016-5243",
               url: "https://bugzilla.suse.com/986225",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "low",
            },
         ],
         title: "CVE-2016-5243",
      },
      {
         cve: "CVE-2016-7117",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-7117",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-7117",
               url: "https://www.suse.com/security/cve/CVE-2016-7117",
            },
            {
               category: "external",
               summary: "SUSE Bug 1003077 for CVE-2016-7117",
               url: "https://bugzilla.suse.com/1003077",
            },
            {
               category: "external",
               summary: "SUSE Bug 1003253 for CVE-2016-7117",
               url: "https://bugzilla.suse.com/1003253",
            },
            {
               category: "external",
               summary: "SUSE Bug 1057478 for CVE-2016-7117",
               url: "https://bugzilla.suse.com/1057478",
            },
            {
               category: "external",
               summary: "SUSE Bug 1071943 for CVE-2016-7117",
               url: "https://bugzilla.suse.com/1071943",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.1,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "moderate",
            },
         ],
         title: "CVE-2016-7117",
      },
      {
         cve: "CVE-2017-1000363",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-1000363",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a 'secure boot' kernel command line adversary (can happen due to bootloader vulns, e.g. Google Nexus 6's CVE-2016-10277, where due to a vulnerability the adversary has partial control over the command line) can overflow the parport_nr array in the following code, by appending many (>LP_NO) 'lp=none' arguments to the command line.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-1000363",
               url: "https://www.suse.com/security/cve/CVE-2017-1000363",
            },
            {
               category: "external",
               summary: "SUSE Bug 1039456 for CVE-2017-1000363",
               url: "https://bugzilla.suse.com/1039456",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2017-1000363",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.8,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-1000363",
      },
      {
         cve: "CVE-2017-1000364",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-1000364",
            },
         ],
         notes: [
            {
               category: "general",
               text: "An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be \"jumped\" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010).",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-1000364",
               url: "https://www.suse.com/security/cve/CVE-2017-1000364",
            },
            {
               category: "external",
               summary: "SUSE Bug 1039346 for CVE-2017-1000364",
               url: "https://bugzilla.suse.com/1039346",
            },
            {
               category: "external",
               summary: "SUSE Bug 1039348 for CVE-2017-1000364",
               url: "https://bugzilla.suse.com/1039348",
            },
            {
               category: "external",
               summary: "SUSE Bug 1042200 for CVE-2017-1000364",
               url: "https://bugzilla.suse.com/1042200",
            },
            {
               category: "external",
               summary: "SUSE Bug 1044985 for CVE-2017-1000364",
               url: "https://bugzilla.suse.com/1044985",
            },
            {
               category: "external",
               summary: "SUSE Bug 1071943 for CVE-2017-1000364",
               url: "https://bugzilla.suse.com/1071943",
            },
            {
               category: "external",
               summary: "SUSE Bug 1075506 for CVE-2017-1000364",
               url: "https://bugzilla.suse.com/1075506",
            },
            {
               category: "external",
               summary: "SUSE Bug 1077345 for CVE-2017-1000364",
               url: "https://bugzilla.suse.com/1077345",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2017-1000364",
               url: "https://bugzilla.suse.com/1115893",
            },
            {
               category: "external",
               summary: "SUSE Bug 1149726 for CVE-2017-1000364",
               url: "https://bugzilla.suse.com/1149726",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.4,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-1000364",
      },
      {
         cve: "CVE-2017-1000365",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-1000365",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation. This affects Linux Kernel versions 4.11.5 and earlier. It appears that this feature was introduced in the Linux Kernel version 2.6.23.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-1000365",
               url: "https://www.suse.com/security/cve/CVE-2017-1000365",
            },
            {
               category: "external",
               summary: "SUSE Bug 1037551 for CVE-2017-1000365",
               url: "https://bugzilla.suse.com/1037551",
            },
            {
               category: "external",
               summary: "SUSE Bug 1039346 for CVE-2017-1000365",
               url: "https://bugzilla.suse.com/1039346",
            },
            {
               category: "external",
               summary: "SUSE Bug 1039349 for CVE-2017-1000365",
               url: "https://bugzilla.suse.com/1039349",
            },
            {
               category: "external",
               summary: "SUSE Bug 1039354 for CVE-2017-1000365",
               url: "https://bugzilla.suse.com/1039354",
            },
            {
               category: "external",
               summary: "SUSE Bug 1054557 for CVE-2017-1000365",
               url: "https://bugzilla.suse.com/1054557",
            },
            {
               category: "external",
               summary: "SUSE Bug 1077345 for CVE-2017-1000365",
               url: "https://bugzilla.suse.com/1077345",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 2.9,
                  baseSeverity: "LOW",
                  vectorString: "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "low",
            },
         ],
         title: "CVE-2017-1000365",
      },
      {
         cve: "CVE-2017-1000380",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-1000380",
            },
         ],
         notes: [
            {
               category: "general",
               text: "sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-1000380",
               url: "https://www.suse.com/security/cve/CVE-2017-1000380",
            },
            {
               category: "external",
               summary: "SUSE Bug 1044125 for CVE-2017-1000380",
               url: "https://bugzilla.suse.com/1044125",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "low",
            },
         ],
         title: "CVE-2017-1000380",
      },
      {
         cve: "CVE-2017-11176",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-11176",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-11176",
               url: "https://www.suse.com/security/cve/CVE-2017-11176",
            },
            {
               category: "external",
               summary: "SUSE Bug 1048275 for CVE-2017-11176",
               url: "https://bugzilla.suse.com/1048275",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2017-11176",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.3,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "important",
            },
         ],
         title: "CVE-2017-11176",
      },
      {
         cve: "CVE-2017-11473",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-11473",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel through 3.2 allows local users to gain privileges via a crafted ACPI table.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-11473",
               url: "https://www.suse.com/security/cve/CVE-2017-11473",
            },
            {
               category: "external",
               summary: "SUSE Bug 1049603 for CVE-2017-11473",
               url: "https://bugzilla.suse.com/1049603",
            },
            {
               category: "external",
               summary: "SUSE Bug 1061680 for CVE-2017-11473",
               url: "https://bugzilla.suse.com/1061680",
            },
            {
               category: "external",
               summary: "SUSE Bug 1087082 for CVE-2017-11473",
               url: "https://bugzilla.suse.com/1087082",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2017-11473",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-11473",
      },
      {
         cve: "CVE-2017-2636",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-2636",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-2636",
               url: "https://www.suse.com/security/cve/CVE-2017-2636",
            },
            {
               category: "external",
               summary: "SUSE Bug 1027565 for CVE-2017-2636",
               url: "https://bugzilla.suse.com/1027565",
            },
            {
               category: "external",
               summary: "SUSE Bug 1027575 for CVE-2017-2636",
               url: "https://bugzilla.suse.com/1027575",
            },
            {
               category: "external",
               summary: "SUSE Bug 1028372 for CVE-2017-2636",
               url: "https://bugzilla.suse.com/1028372",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2017-2636",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-2636",
      },
      {
         cve: "CVE-2017-2647",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-2647",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-2647",
               url: "https://www.suse.com/security/cve/CVE-2017-2647",
            },
            {
               category: "external",
               summary: "SUSE Bug 1030593 for CVE-2017-2647",
               url: "https://bugzilla.suse.com/1030593",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2017-2647",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "important",
            },
         ],
         title: "CVE-2017-2647",
      },
      {
         cve: "CVE-2017-2671",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-2671",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-2671",
               url: "https://www.suse.com/security/cve/CVE-2017-2671",
            },
            {
               category: "external",
               summary: "SUSE Bug 1027179 for CVE-2017-2671",
               url: "https://bugzilla.suse.com/1027179",
            },
            {
               category: "external",
               summary: "SUSE Bug 1031003 for CVE-2017-2671",
               url: "https://bugzilla.suse.com/1031003",
            },
            {
               category: "external",
               summary: "SUSE Bug 1087082 for CVE-2017-2671",
               url: "https://bugzilla.suse.com/1087082",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "important",
            },
         ],
         title: "CVE-2017-2671",
      },
      {
         cve: "CVE-2017-5669",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-5669",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-5669",
               url: "https://www.suse.com/security/cve/CVE-2017-5669",
            },
            {
               category: "external",
               summary: "SUSE Bug 1026914 for CVE-2017-5669",
               url: "https://bugzilla.suse.com/1026914",
            },
            {
               category: "external",
               summary: "SUSE Bug 1102390 for CVE-2017-5669",
               url: "https://bugzilla.suse.com/1102390",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2017-5669",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-5669",
      },
      {
         cve: "CVE-2017-5970",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-5970",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-5970",
               url: "https://www.suse.com/security/cve/CVE-2017-5970",
            },
            {
               category: "external",
               summary: "SUSE Bug 1024938 for CVE-2017-5970",
               url: "https://bugzilla.suse.com/1024938",
            },
            {
               category: "external",
               summary: "SUSE Bug 1025013 for CVE-2017-5970",
               url: "https://bugzilla.suse.com/1025013",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2017-5970",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "important",
            },
         ],
         title: "CVE-2017-5970",
      },
      {
         cve: "CVE-2017-5986",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-5986",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-5986",
               url: "https://www.suse.com/security/cve/CVE-2017-5986",
            },
            {
               category: "external",
               summary: "SUSE Bug 1025235 for CVE-2017-5986",
               url: "https://bugzilla.suse.com/1025235",
            },
            {
               category: "external",
               summary: "SUSE Bug 1027066 for CVE-2017-5986",
               url: "https://bugzilla.suse.com/1027066",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-5986",
      },
      {
         cve: "CVE-2017-6074",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-6074",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-6074",
               url: "https://www.suse.com/security/cve/CVE-2017-6074",
            },
            {
               category: "external",
               summary: "SUSE Bug 1026024 for CVE-2017-6074",
               url: "https://bugzilla.suse.com/1026024",
            },
            {
               category: "external",
               summary: "SUSE Bug 1072204 for CVE-2017-6074",
               url: "https://bugzilla.suse.com/1072204",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "important",
            },
         ],
         title: "CVE-2017-6074",
      },
      {
         cve: "CVE-2017-6214",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-6214",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-6214",
               url: "https://www.suse.com/security/cve/CVE-2017-6214",
            },
            {
               category: "external",
               summary: "SUSE Bug 1026722 for CVE-2017-6214",
               url: "https://bugzilla.suse.com/1026722",
            },
            {
               category: "external",
               summary: "SUSE Bug 1027179 for CVE-2017-6214",
               url: "https://bugzilla.suse.com/1027179",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2017-6214",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-6214",
      },
      {
         cve: "CVE-2017-6348",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-6348",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The hashbin_delete function in net/irda/irqueue.c in the Linux kernel before 4.9.13 improperly manages lock dropping, which allows local users to cause a denial of service (deadlock) via crafted operations on IrDA devices.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-6348",
               url: "https://www.suse.com/security/cve/CVE-2017-6348",
            },
            {
               category: "external",
               summary: "SUSE Bug 1027178 for CVE-2017-6348",
               url: "https://bugzilla.suse.com/1027178",
            },
            {
               category: "external",
               summary: "SUSE Bug 1087082 for CVE-2017-6348",
               url: "https://bugzilla.suse.com/1087082",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.2,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-6348",
      },
      {
         cve: "CVE-2017-6353",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-6353",
            },
         ],
         notes: [
            {
               category: "general",
               text: "net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application.  NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-6353",
               url: "https://www.suse.com/security/cve/CVE-2017-6353",
            },
            {
               category: "external",
               summary: "SUSE Bug 1025235 for CVE-2017-6353",
               url: "https://bugzilla.suse.com/1025235",
            },
            {
               category: "external",
               summary: "SUSE Bug 1027066 for CVE-2017-6353",
               url: "https://bugzilla.suse.com/1027066",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-6353",
      },
      {
         cve: "CVE-2017-6951",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-6951",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the \"dead\" type.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-6951",
               url: "https://www.suse.com/security/cve/CVE-2017-6951",
            },
            {
               category: "external",
               summary: "SUSE Bug 1029850 for CVE-2017-6951",
               url: "https://bugzilla.suse.com/1029850",
            },
            {
               category: "external",
               summary: "SUSE Bug 1030593 for CVE-2017-6951",
               url: "https://bugzilla.suse.com/1030593",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-6951",
      },
      {
         cve: "CVE-2017-7184",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-7184",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-7184",
               url: "https://www.suse.com/security/cve/CVE-2017-7184",
            },
            {
               category: "external",
               summary: "SUSE Bug 1030573 for CVE-2017-7184",
               url: "https://bugzilla.suse.com/1030573",
            },
            {
               category: "external",
               summary: "SUSE Bug 1030575 for CVE-2017-7184",
               url: "https://bugzilla.suse.com/1030575",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2017-7184",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-7184",
      },
      {
         cve: "CVE-2017-7187",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-7187",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-7187",
               url: "https://www.suse.com/security/cve/CVE-2017-7187",
            },
            {
               category: "external",
               summary: "SUSE Bug 1027179 for CVE-2017-7187",
               url: "https://bugzilla.suse.com/1027179",
            },
            {
               category: "external",
               summary: "SUSE Bug 1030213 for CVE-2017-7187",
               url: "https://bugzilla.suse.com/1030213",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2017-7187",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-7187",
      },
      {
         cve: "CVE-2017-7261",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-7261",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.5 does not check for a zero value of certain levels data, which allows local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-7261",
               url: "https://www.suse.com/security/cve/CVE-2017-7261",
            },
            {
               category: "external",
               summary: "SUSE Bug 1027179 for CVE-2017-7261",
               url: "https://bugzilla.suse.com/1027179",
            },
            {
               category: "external",
               summary: "SUSE Bug 1031052 for CVE-2017-7261",
               url: "https://bugzilla.suse.com/1031052",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-7261",
      },
      {
         cve: "CVE-2017-7294",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-7294",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 does not validate addition of certain levels data, which allows local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-7294",
               url: "https://www.suse.com/security/cve/CVE-2017-7294",
            },
            {
               category: "external",
               summary: "SUSE Bug 1027179 for CVE-2017-7294",
               url: "https://bugzilla.suse.com/1027179",
            },
            {
               category: "external",
               summary: "SUSE Bug 1031440 for CVE-2017-7294",
               url: "https://bugzilla.suse.com/1031440",
            },
            {
               category: "external",
               summary: "SUSE Bug 1031481 for CVE-2017-7294",
               url: "https://bugzilla.suse.com/1031481",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2017-7294",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.1,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-7294",
      },
      {
         cve: "CVE-2017-7308",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-7308",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-7308",
               url: "https://www.suse.com/security/cve/CVE-2017-7308",
            },
            {
               category: "external",
               summary: "SUSE Bug 1027179 for CVE-2017-7308",
               url: "https://bugzilla.suse.com/1027179",
            },
            {
               category: "external",
               summary: "SUSE Bug 1031579 for CVE-2017-7308",
               url: "https://bugzilla.suse.com/1031579",
            },
            {
               category: "external",
               summary: "SUSE Bug 1031660 for CVE-2017-7308",
               url: "https://bugzilla.suse.com/1031660",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2017-7308",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-7308",
      },
      {
         cve: "CVE-2017-7482",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-7482",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. This could lead to the size-remaining variable wrapping and the data pointer going over the end of the buffer. This could possibly lead to memory corruption and possible privilege escalation.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-7482",
               url: "https://www.suse.com/security/cve/CVE-2017-7482",
            },
            {
               category: "external",
               summary: "SUSE Bug 1046107 for CVE-2017-7482",
               url: "https://bugzilla.suse.com/1046107",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2017-7482",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.6,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-7482",
      },
      {
         cve: "CVE-2017-7487",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-7487",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel through 4.11.1 mishandles reference counts, which allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-7487",
               url: "https://www.suse.com/security/cve/CVE-2017-7487",
            },
            {
               category: "external",
               summary: "SUSE Bug 1038879 for CVE-2017-7487",
               url: "https://bugzilla.suse.com/1038879",
            },
            {
               category: "external",
               summary: "SUSE Bug 1038883 for CVE-2017-7487",
               url: "https://bugzilla.suse.com/1038883",
            },
            {
               category: "external",
               summary: "SUSE Bug 1038981 for CVE-2017-7487",
               url: "https://bugzilla.suse.com/1038981",
            },
            {
               category: "external",
               summary: "SUSE Bug 1038982 for CVE-2017-7487",
               url: "https://bugzilla.suse.com/1038982",
            },
            {
               category: "external",
               summary: "SUSE Bug 1072204 for CVE-2017-7487",
               url: "https://bugzilla.suse.com/1072204",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2017-7487",
               url: "https://bugzilla.suse.com/1115893",
            },
            {
               category: "external",
               summary: "SUSE Bug 870618 for CVE-2017-7487",
               url: "https://bugzilla.suse.com/870618",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-7487",
      },
      {
         cve: "CVE-2017-7533",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-7533",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-7533",
               url: "https://www.suse.com/security/cve/CVE-2017-7533",
            },
            {
               category: "external",
               summary: "SUSE Bug 1049483 for CVE-2017-7533",
               url: "https://bugzilla.suse.com/1049483",
            },
            {
               category: "external",
               summary: "SUSE Bug 1050677 for CVE-2017-7533",
               url: "https://bugzilla.suse.com/1050677",
            },
            {
               category: "external",
               summary: "SUSE Bug 1050751 for CVE-2017-7533",
               url: "https://bugzilla.suse.com/1050751",
            },
            {
               category: "external",
               summary: "SUSE Bug 1053919 for CVE-2017-7533",
               url: "https://bugzilla.suse.com/1053919",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.4,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "important",
            },
         ],
         title: "CVE-2017-7533",
      },
      {
         cve: "CVE-2017-7542",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-7542",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-7542",
               url: "https://www.suse.com/security/cve/CVE-2017-7542",
            },
            {
               category: "external",
               summary: "SUSE Bug 1049882 for CVE-2017-7542",
               url: "https://bugzilla.suse.com/1049882",
            },
            {
               category: "external",
               summary: "SUSE Bug 1061936 for CVE-2017-7542",
               url: "https://bugzilla.suse.com/1061936",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.2,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-7542",
      },
      {
         cve: "CVE-2017-7616",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-7616",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-7616",
               url: "https://www.suse.com/security/cve/CVE-2017-7616",
            },
            {
               category: "external",
               summary: "SUSE Bug 1033336 for CVE-2017-7616",
               url: "https://bugzilla.suse.com/1033336",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "low",
            },
         ],
         title: "CVE-2017-7616",
      },
      {
         cve: "CVE-2017-8890",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-8890",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-8890",
               url: "https://www.suse.com/security/cve/CVE-2017-8890",
            },
            {
               category: "external",
               summary: "SUSE Bug 1038544 for CVE-2017-8890",
               url: "https://bugzilla.suse.com/1038544",
            },
            {
               category: "external",
               summary: "SUSE Bug 1038564 for CVE-2017-8890",
               url: "https://bugzilla.suse.com/1038564",
            },
            {
               category: "external",
               summary: "SUSE Bug 1039883 for CVE-2017-8890",
               url: "https://bugzilla.suse.com/1039883",
            },
            {
               category: "external",
               summary: "SUSE Bug 1039885 for CVE-2017-8890",
               url: "https://bugzilla.suse.com/1039885",
            },
            {
               category: "external",
               summary: "SUSE Bug 1040069 for CVE-2017-8890",
               url: "https://bugzilla.suse.com/1040069",
            },
            {
               category: "external",
               summary: "SUSE Bug 1042364 for CVE-2017-8890",
               url: "https://bugzilla.suse.com/1042364",
            },
            {
               category: "external",
               summary: "SUSE Bug 1051906 for CVE-2017-8890",
               url: "https://bugzilla.suse.com/1051906",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2017-8890",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "important",
            },
         ],
         title: "CVE-2017-8890",
      },
      {
         cve: "CVE-2017-8924",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-8924",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-8924",
               url: "https://www.suse.com/security/cve/CVE-2017-8924",
            },
            {
               category: "external",
               summary: "SUSE Bug 1037182 for CVE-2017-8924",
               url: "https://bugzilla.suse.com/1037182",
            },
            {
               category: "external",
               summary: "SUSE Bug 1038981 for CVE-2017-8924",
               url: "https://bugzilla.suse.com/1038981",
            },
            {
               category: "external",
               summary: "SUSE Bug 1038982 for CVE-2017-8924",
               url: "https://bugzilla.suse.com/1038982",
            },
            {
               category: "external",
               summary: "SUSE Bug 870618 for CVE-2017-8924",
               url: "https://bugzilla.suse.com/870618",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "low",
            },
         ],
         title: "CVE-2017-8924",
      },
      {
         cve: "CVE-2017-8925",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-8925",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel before 4.10.4 allows local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-8925",
               url: "https://www.suse.com/security/cve/CVE-2017-8925",
            },
            {
               category: "external",
               summary: "SUSE Bug 1037183 for CVE-2017-8925",
               url: "https://bugzilla.suse.com/1037183",
            },
            {
               category: "external",
               summary: "SUSE Bug 1038981 for CVE-2017-8925",
               url: "https://bugzilla.suse.com/1038981",
            },
            {
               category: "external",
               summary: "SUSE Bug 1038982 for CVE-2017-8925",
               url: "https://bugzilla.suse.com/1038982",
            },
            {
               category: "external",
               summary: "SUSE Bug 870618 for CVE-2017-8925",
               url: "https://bugzilla.suse.com/870618",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "low",
            },
         ],
         title: "CVE-2017-8925",
      },
      {
         cve: "CVE-2017-9074",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-9074",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-9074",
               url: "https://www.suse.com/security/cve/CVE-2017-9074",
            },
            {
               category: "external",
               summary: "SUSE Bug 1039882 for CVE-2017-9074",
               url: "https://bugzilla.suse.com/1039882",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2017-9074",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-9074",
      },
      {
         cve: "CVE-2017-9075",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-9075",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-9075",
               url: "https://www.suse.com/security/cve/CVE-2017-9075",
            },
            {
               category: "external",
               summary: "SUSE Bug 1038544 for CVE-2017-9075",
               url: "https://bugzilla.suse.com/1038544",
            },
            {
               category: "external",
               summary: "SUSE Bug 1039883 for CVE-2017-9075",
               url: "https://bugzilla.suse.com/1039883",
            },
            {
               category: "external",
               summary: "SUSE Bug 1051906 for CVE-2017-9075",
               url: "https://bugzilla.suse.com/1051906",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2017-9075",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "important",
            },
         ],
         title: "CVE-2017-9075",
      },
      {
         cve: "CVE-2017-9076",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-9076",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-9076",
               url: "https://www.suse.com/security/cve/CVE-2017-9076",
            },
            {
               category: "external",
               summary: "SUSE Bug 1038544 for CVE-2017-9076",
               url: "https://bugzilla.suse.com/1038544",
            },
            {
               category: "external",
               summary: "SUSE Bug 1039885 for CVE-2017-9076",
               url: "https://bugzilla.suse.com/1039885",
            },
            {
               category: "external",
               summary: "SUSE Bug 1040069 for CVE-2017-9076",
               url: "https://bugzilla.suse.com/1040069",
            },
            {
               category: "external",
               summary: "SUSE Bug 1051906 for CVE-2017-9076",
               url: "https://bugzilla.suse.com/1051906",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2017-9076",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.2,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "important",
            },
         ],
         title: "CVE-2017-9076",
      },
      {
         cve: "CVE-2017-9077",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-9077",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-9077",
               url: "https://www.suse.com/security/cve/CVE-2017-9077",
            },
            {
               category: "external",
               summary: "SUSE Bug 1038544 for CVE-2017-9077",
               url: "https://bugzilla.suse.com/1038544",
            },
            {
               category: "external",
               summary: "SUSE Bug 1040069 for CVE-2017-9077",
               url: "https://bugzilla.suse.com/1040069",
            },
            {
               category: "external",
               summary: "SUSE Bug 1042364 for CVE-2017-9077",
               url: "https://bugzilla.suse.com/1042364",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2017-9077",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "important",
            },
         ],
         title: "CVE-2017-9077",
      },
      {
         cve: "CVE-2017-9242",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-9242",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
               "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-9242",
               url: "https://www.suse.com/security/cve/CVE-2017-9242",
            },
            {
               category: "external",
               summary: "SUSE Bug 1041431 for CVE-2017-9242",
               url: "https://bugzilla.suse.com/1041431",
            },
            {
               category: "external",
               summary: "SUSE Bug 1042892 for CVE-2017-9242",
               url: "https://bugzilla.suse.com/1042892",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-09-04T13:37:48Z",
               details: "important",
            },
         ],
         title: "CVE-2017-9242",
      },
   ],
}

cve-2017-7184

Vulnerability from cvelistv5

Published

2017-03-19 18:00

Modified

2024-08-05 15:56

Severity ?

Summary

The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52.

References

▼	URL	Tags
	https://blog.trendmicro.com/results-pwn2own-2017-day-one/	x_refsource_MISC
	https://access.redhat.com/errata/RHSA-2017:2918	vendor-advisory, x_refsource_REDHAT
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=677e806da4d916052585301785d847c3b3e6186a	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:2931	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/97018	vdb-entry, x_refsource_BID
	https://source.android.com/security/bulletin/2017-05-01	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1038166	vdb-entry, x_refsource_SECTRACK
	https://github.com/torvalds/linux/commit/f843ee6dd019bcece3e74e76ad9df0155655d0df	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f843ee6dd019bcece3e74e76ad9df0155655d0df	x_refsource_CONFIRM
	http://www.eweek.com/security/ubuntu-linux-falls-on-day-1-of-pwn2own-hacking-competition	x_refsource_MISC
	https://github.com/torvalds/linux/commit/677e806da4d916052585301785d847c3b3e6186a	x_refsource_CONFIRM
	https://twitter.com/thezdi/status/842126074435665920	x_refsource_MISC
	http://openwall.com/lists/oss-security/2017/03/29/2	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:2930	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2019:4159	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T15:56:35.949Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://blog.trendmicro.com/results-pwn2own-2017-day-one/",
               },
               {
                  name: "RHSA-2017:2918",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2918",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=677e806da4d916052585301785d847c3b3e6186a",
               },
               {
                  name: "RHSA-2017:2931",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2931",
               },
               {
                  name: "97018",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/97018",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://source.android.com/security/bulletin/2017-05-01",
               },
               {
                  name: "1038166",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1038166",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/f843ee6dd019bcece3e74e76ad9df0155655d0df",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f843ee6dd019bcece3e74e76ad9df0155655d0df",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://www.eweek.com/security/ubuntu-linux-falls-on-day-1-of-pwn2own-hacking-competition",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/677e806da4d916052585301785d847c3b3e6186a",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://twitter.com/thezdi/status/842126074435665920",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://openwall.com/lists/oss-security/2017/03/29/2",
               },
               {
                  name: "RHSA-2017:2930",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2930",
               },
               {
                  name: "RHSA-2019:4159",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2019:4159",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-03-15T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2019-12-10T15:06:09",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://blog.trendmicro.com/results-pwn2own-2017-day-one/",
            },
            {
               name: "RHSA-2017:2918",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2918",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=677e806da4d916052585301785d847c3b3e6186a",
            },
            {
               name: "RHSA-2017:2931",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2931",
            },
            {
               name: "97018",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/97018",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://source.android.com/security/bulletin/2017-05-01",
            },
            {
               name: "1038166",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1038166",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/f843ee6dd019bcece3e74e76ad9df0155655d0df",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f843ee6dd019bcece3e74e76ad9df0155655d0df",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://www.eweek.com/security/ubuntu-linux-falls-on-day-1-of-pwn2own-hacking-competition",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/677e806da4d916052585301785d847c3b3e6186a",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://twitter.com/thezdi/status/842126074435665920",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://openwall.com/lists/oss-security/2017/03/29/2",
            },
            {
               name: "RHSA-2017:2930",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2930",
            },
            {
               name: "RHSA-2019:4159",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2019:4159",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-7184",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://blog.trendmicro.com/results-pwn2own-2017-day-one/",
                     refsource: "MISC",
                     url: "https://blog.trendmicro.com/results-pwn2own-2017-day-one/",
                  },
                  {
                     name: "RHSA-2017:2918",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2918",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=677e806da4d916052585301785d847c3b3e6186a",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=677e806da4d916052585301785d847c3b3e6186a",
                  },
                  {
                     name: "RHSA-2017:2931",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2931",
                  },
                  {
                     name: "97018",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/97018",
                  },
                  {
                     name: "https://source.android.com/security/bulletin/2017-05-01",
                     refsource: "CONFIRM",
                     url: "https://source.android.com/security/bulletin/2017-05-01",
                  },
                  {
                     name: "1038166",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1038166",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/f843ee6dd019bcece3e74e76ad9df0155655d0df",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/f843ee6dd019bcece3e74e76ad9df0155655d0df",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f843ee6dd019bcece3e74e76ad9df0155655d0df",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f843ee6dd019bcece3e74e76ad9df0155655d0df",
                  },
                  {
                     name: "http://www.eweek.com/security/ubuntu-linux-falls-on-day-1-of-pwn2own-hacking-competition",
                     refsource: "MISC",
                     url: "http://www.eweek.com/security/ubuntu-linux-falls-on-day-1-of-pwn2own-hacking-competition",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/677e806da4d916052585301785d847c3b3e6186a",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/677e806da4d916052585301785d847c3b3e6186a",
                  },
                  {
                     name: "https://twitter.com/thezdi/status/842126074435665920",
                     refsource: "MISC",
                     url: "https://twitter.com/thezdi/status/842126074435665920",
                  },
                  {
                     name: "http://openwall.com/lists/oss-security/2017/03/29/2",
                     refsource: "CONFIRM",
                     url: "http://openwall.com/lists/oss-security/2017/03/29/2",
                  },
                  {
                     name: "RHSA-2017:2930",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2930",
                  },
                  {
                     name: "RHSA-2019:4159",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2019:4159",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-7184",
      datePublished: "2017-03-19T18:00:00",
      dateReserved: "2017-03-19T00:00:00",
      dateUpdated: "2024-08-05T15:56:35.949Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-4997

Vulnerability from cvelistv5

Published

2016-07-03 21:00

Modified

2024-08-06 00:46

Severity ?

Summary

The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement.

References

▼	URL	Tags
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00053.html	vendor-advisory, x_refsource_SUSE
	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00060.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3017-1	vendor-advisory, x_refsource_UBUNTU
	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3017-3	vendor-advisory, x_refsource_UBUNTU
	http://rhn.redhat.com/errata/RHSA-2016-1847.html	vendor-advisory, x_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=1349722	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3018-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00048.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3017-2	vendor-advisory, x_refsource_UBUNTU
	http://rhn.redhat.com/errata/RHSA-2016-1875.html	vendor-advisory, x_refsource_REDHAT
	http://www.ubuntu.com/usn/USN-3019-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00027.html	vendor-advisory, x_refsource_SUSE
	http://www.debian.org/security/2016/dsa-3607	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-3016-2	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3016-1	vendor-advisory, x_refsource_UBUNTU
	http://www.openwall.com/lists/oss-security/2016/06/24/5	mailing-list, x_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00054.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00051.html	vendor-advisory, x_refsource_SUSE
	https://www.exploit-db.com/exploits/40435/	exploit, x_refsource_EXPLOIT-DB
	https://github.com/torvalds/linux/commit/ce683e5f9d045e5d67d1312a42b359cb2ab2a13c	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3018-1	vendor-advisory, x_refsource_UBUNTU
	http://www.securitytracker.com/id/1036171	vdb-entry, x_refsource_SECTRACK
	https://www.exploit-db.com/exploits/40489/	exploit, x_refsource_EXPLOIT-DB
	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00050.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2016-1883.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00052.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3016-3	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00061.html	vendor-advisory, x_refsource_SUSE
	http://www.openwall.com/lists/oss-security/2016/09/29/10	mailing-list, x_refsource_MLIST
	http://www.ubuntu.com/usn/USN-3016-4	vendor-advisory, x_refsource_UBUNTU
	http://www.securityfocus.com/bid/91451	vdb-entry, x_refsource_BID
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.3	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce683e5f9d045e5d67d1312a42b359cb2ab2a13c	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3020-1	vendor-advisory, x_refsource_UBUNTU
	https://github.com/nccgroup/TriforceLinuxSyscallFuzzer/tree/master/crash_reports/report_compatIpt	x_refsource_MISC
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T00:46:40.226Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "SUSE-SU-2016:2180",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00053.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
               },
               {
                  name: "SUSE-SU-2016:1709",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00060.html",
               },
               {
                  name: "USN-3017-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3017-1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html",
               },
               {
                  name: "SUSE-SU-2016:1985",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
               },
               {
                  name: "USN-3017-3",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3017-3",
               },
               {
                  name: "RHSA-2016:1847",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-1847.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1349722",
               },
               {
                  name: "openSUSE-SU-2016:2184",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html",
               },
               {
                  name: "USN-3018-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3018-2",
               },
               {
                  name: "SUSE-SU-2016:2174",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00048.html",
               },
               {
                  name: "USN-3017-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3017-2",
               },
               {
                  name: "RHSA-2016:1875",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-1875.html",
               },
               {
                  name: "USN-3019-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3019-1",
               },
               {
                  name: "SUSE-SU-2016:2018",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00027.html",
               },
               {
                  name: "DSA-3607",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2016/dsa-3607",
               },
               {
                  name: "USN-3016-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3016-2",
               },
               {
                  name: "USN-3016-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3016-1",
               },
               {
                  name: "[oss-security] 20160624 Linux CVE-2016-4997 (local privilege escalation) and CVE-2016-4998 (out of bounds memory access)",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/06/24/5",
               },
               {
                  name: "SUSE-SU-2016:2181",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00054.html",
               },
               {
                  name: "SUSE-SU-2016:2178",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00051.html",
               },
               {
                  name: "40435",
                  tags: [
                     "exploit",
                     "x_refsource_EXPLOIT-DB",
                     "x_transferred",
                  ],
                  url: "https://www.exploit-db.com/exploits/40435/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/ce683e5f9d045e5d67d1312a42b359cb2ab2a13c",
               },
               {
                  name: "USN-3018-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3018-1",
               },
               {
                  name: "1036171",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1036171",
               },
               {
                  name: "40489",
                  tags: [
                     "exploit",
                     "x_refsource_EXPLOIT-DB",
                     "x_transferred",
                  ],
                  url: "https://www.exploit-db.com/exploits/40489/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html",
               },
               {
                  name: "SUSE-SU-2016:2177",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00050.html",
               },
               {
                  name: "RHSA-2016:1883",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-1883.html",
               },
               {
                  name: "SUSE-SU-2016:2179",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00052.html",
               },
               {
                  name: "SUSE-SU-2016:2105",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html",
               },
               {
                  name: "USN-3016-3",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3016-3",
               },
               {
                  name: "SUSE-SU-2016:1710",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00061.html",
               },
               {
                  name: "[oss-security] 20160929 CVE request - Linux kernel through 4.6.2 allows escalade privileges via IP6T_SO_SET_REPLACE compat setsockopt call",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/09/29/10",
               },
               {
                  name: "USN-3016-4",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3016-4",
               },
               {
                  name: "91451",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/91451",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.3",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce683e5f9d045e5d67d1312a42b359cb2ab2a13c",
               },
               {
                  name: "USN-3020-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3020-1",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/nccgroup/TriforceLinuxSyscallFuzzer/tree/master/crash_reports/report_compatIpt",
               },
               {
                  name: "SUSE-SU-2016:1937",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-06-24T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-01-04T19:57:01",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "SUSE-SU-2016:2180",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00053.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
            },
            {
               name: "SUSE-SU-2016:1709",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00060.html",
            },
            {
               name: "USN-3017-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3017-1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html",
            },
            {
               name: "SUSE-SU-2016:1985",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
            },
            {
               name: "USN-3017-3",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3017-3",
            },
            {
               name: "RHSA-2016:1847",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-1847.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1349722",
            },
            {
               name: "openSUSE-SU-2016:2184",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html",
            },
            {
               name: "USN-3018-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3018-2",
            },
            {
               name: "SUSE-SU-2016:2174",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00048.html",
            },
            {
               name: "USN-3017-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3017-2",
            },
            {
               name: "RHSA-2016:1875",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-1875.html",
            },
            {
               name: "USN-3019-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3019-1",
            },
            {
               name: "SUSE-SU-2016:2018",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00027.html",
            },
            {
               name: "DSA-3607",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2016/dsa-3607",
            },
            {
               name: "USN-3016-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3016-2",
            },
            {
               name: "USN-3016-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3016-1",
            },
            {
               name: "[oss-security] 20160624 Linux CVE-2016-4997 (local privilege escalation) and CVE-2016-4998 (out of bounds memory access)",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/06/24/5",
            },
            {
               name: "SUSE-SU-2016:2181",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00054.html",
            },
            {
               name: "SUSE-SU-2016:2178",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00051.html",
            },
            {
               name: "40435",
               tags: [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
               ],
               url: "https://www.exploit-db.com/exploits/40435/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/ce683e5f9d045e5d67d1312a42b359cb2ab2a13c",
            },
            {
               name: "USN-3018-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3018-1",
            },
            {
               name: "1036171",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1036171",
            },
            {
               name: "40489",
               tags: [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
               ],
               url: "https://www.exploit-db.com/exploits/40489/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html",
            },
            {
               name: "SUSE-SU-2016:2177",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00050.html",
            },
            {
               name: "RHSA-2016:1883",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-1883.html",
            },
            {
               name: "SUSE-SU-2016:2179",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00052.html",
            },
            {
               name: "SUSE-SU-2016:2105",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html",
            },
            {
               name: "USN-3016-3",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3016-3",
            },
            {
               name: "SUSE-SU-2016:1710",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00061.html",
            },
            {
               name: "[oss-security] 20160929 CVE request - Linux kernel through 4.6.2 allows escalade privileges via IP6T_SO_SET_REPLACE compat setsockopt call",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/09/29/10",
            },
            {
               name: "USN-3016-4",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3016-4",
            },
            {
               name: "91451",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/91451",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.3",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce683e5f9d045e5d67d1312a42b359cb2ab2a13c",
            },
            {
               name: "USN-3020-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3020-1",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/nccgroup/TriforceLinuxSyscallFuzzer/tree/master/crash_reports/report_compatIpt",
            },
            {
               name: "SUSE-SU-2016:1937",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2016-4997",
      datePublished: "2016-07-03T21:00:00",
      dateReserved: "2016-05-24T00:00:00",
      dateUpdated: "2024-08-06T00:46:40.226Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2014-9922

Vulnerability from cvelistv5

Published

2017-04-04 04:54

Modified

2024-08-06 14:02

Severity ?

Summary

The eCryptfs subsystem in the Linux kernel before 3.18 allows local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c.

References

▼	URL	Tags
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=69c433ed2ecd2d3264efd7afec4439524b319121	x_refsource_CONFIRM
	http://source.android.com/security/bulletin/2017-04-01.html	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/69c433ed2ecd2d3264efd7afec4439524b319121	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/97354	vdb-entry, x_refsource_BID
	http://www.securitytracker.com/id/1038201	vdb-entry, x_refsource_SECTRACK

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T14:02:36.819Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=69c433ed2ecd2d3264efd7afec4439524b319121",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://source.android.com/security/bulletin/2017-04-01.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/69c433ed2ecd2d3264efd7afec4439524b319121",
               },
               {
                  name: "97354",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/97354",
               },
               {
                  name: "1038201",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1038201",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2014-10-24T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The eCryptfs subsystem in the Linux kernel before 3.18 allows local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-07-10T09:57:01",
            orgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
            shortName: "google_android",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=69c433ed2ecd2d3264efd7afec4439524b319121",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://source.android.com/security/bulletin/2017-04-01.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/69c433ed2ecd2d3264efd7afec4439524b319121",
            },
            {
               name: "97354",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/97354",
            },
            {
               name: "1038201",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1038201",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@android.com",
               ID: "CVE-2014-9922",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The eCryptfs subsystem in the Linux kernel before 3.18 allows local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=69c433ed2ecd2d3264efd7afec4439524b319121",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=69c433ed2ecd2d3264efd7afec4439524b319121",
                  },
                  {
                     name: "http://source.android.com/security/bulletin/2017-04-01.html",
                     refsource: "CONFIRM",
                     url: "http://source.android.com/security/bulletin/2017-04-01.html",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/69c433ed2ecd2d3264efd7afec4439524b319121",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/69c433ed2ecd2d3264efd7afec4439524b319121",
                  },
                  {
                     name: "97354",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/97354",
                  },
                  {
                     name: "1038201",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1038201",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
      assignerShortName: "google_android",
      cveId: "CVE-2014-9922",
      datePublished: "2017-04-04T04:54:00",
      dateReserved: "2017-03-01T00:00:00",
      dateUpdated: "2024-08-06T14:02:36.819Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-6214

Vulnerability from cvelistv5

Published

2017-02-23 17:00

Modified

2024-08-05 15:25

Severity ?

Summary

The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag.

References

▼	URL	Tags
	https://source.android.com/security/bulletin/2017-09-01	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/96421	vdb-entry, x_refsource_BID
	https://access.redhat.com/errata/RHSA-2017:1615	vendor-advisory, x_refsource_REDHAT
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccf7abb93af09ad0868ae9033d1ca8108bdaec82	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:1647	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:1616	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:1372	vendor-advisory, x_refsource_REDHAT
	http://www.securitytracker.com/id/1037897	vdb-entry, x_refsource_SECTRACK
	http://www.debian.org/security/2017/dsa-3804	vendor-advisory, x_refsource_DEBIAN
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.11	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/ccf7abb93af09ad0868ae9033d1ca8108bdaec82	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T15:25:49.099Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://source.android.com/security/bulletin/2017-09-01",
               },
               {
                  name: "96421",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/96421",
               },
               {
                  name: "RHSA-2017:1615",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1615",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccf7abb93af09ad0868ae9033d1ca8108bdaec82",
               },
               {
                  name: "RHSA-2017:1647",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1647",
               },
               {
                  name: "RHSA-2017:1616",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1616",
               },
               {
                  name: "RHSA-2017:1372",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1372",
               },
               {
                  name: "1037897",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1037897",
               },
               {
                  name: "DSA-3804",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3804",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.11",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/ccf7abb93af09ad0868ae9033d1ca8108bdaec82",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-02-18T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-01-04T19:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://source.android.com/security/bulletin/2017-09-01",
            },
            {
               name: "96421",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/96421",
            },
            {
               name: "RHSA-2017:1615",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1615",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccf7abb93af09ad0868ae9033d1ca8108bdaec82",
            },
            {
               name: "RHSA-2017:1647",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1647",
            },
            {
               name: "RHSA-2017:1616",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1616",
            },
            {
               name: "RHSA-2017:1372",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1372",
            },
            {
               name: "1037897",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1037897",
            },
            {
               name: "DSA-3804",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3804",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.11",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/ccf7abb93af09ad0868ae9033d1ca8108bdaec82",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-6214",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://source.android.com/security/bulletin/2017-09-01",
                     refsource: "CONFIRM",
                     url: "https://source.android.com/security/bulletin/2017-09-01",
                  },
                  {
                     name: "96421",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/96421",
                  },
                  {
                     name: "RHSA-2017:1615",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1615",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccf7abb93af09ad0868ae9033d1ca8108bdaec82",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccf7abb93af09ad0868ae9033d1ca8108bdaec82",
                  },
                  {
                     name: "RHSA-2017:1647",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1647",
                  },
                  {
                     name: "RHSA-2017:1616",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1616",
                  },
                  {
                     name: "RHSA-2017:1372",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1372",
                  },
                  {
                     name: "1037897",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1037897",
                  },
                  {
                     name: "DSA-3804",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3804",
                  },
                  {
                     name: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.11",
                     refsource: "CONFIRM",
                     url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.11",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/ccf7abb93af09ad0868ae9033d1ca8108bdaec82",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/ccf7abb93af09ad0868ae9033d1ca8108bdaec82",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-6214",
      datePublished: "2017-02-23T17:00:00",
      dateReserved: "2017-02-23T00:00:00",
      dateUpdated: "2024-08-05T15:25:49.099Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-7533

Vulnerability from cvelistv5

Published

2017-08-05 16:00

Modified

2024-08-05 16:04

Severity ?

Summary

Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions.

References

▼	URL	Tags
	http://www.debian.org/security/2017/dsa-3927	vendor-advisory, x_refsource_DEBIAN
	https://patchwork.kernel.org/patch/9755757/	x_refsource_MISC
	https://bugzilla.redhat.com/show_bug.cgi?id=1468283	x_refsource_MISC
	http://www.securityfocus.com/bid/100123	vdb-entry, x_refsource_BID
	https://access.redhat.com/errata/RHSA-2017:2669	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:2473	vendor-advisory, x_refsource_REDHAT
	http://openwall.com/lists/oss-security/2017/08/03/2	x_refsource_MISC
	https://access.redhat.com/errata/RHSA-2017:2585	vendor-advisory, x_refsource_REDHAT
	https://patchwork.kernel.org/patch/9755753/	x_refsource_MISC
	https://github.com/torvalds/linux/commit/49d31c2f389acfe83417083e1208422b4091cd9e	x_refsource_MISC
	https://www.mail-archive.com/linux-kernel%40vger.kernel.org/msg1408967.html	x_refsource_MISC
	http://www.debian.org/security/2017/dsa-3945	vendor-advisory, x_refsource_DEBIAN
	https://source.android.com/security/bulletin/2017-12-01	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1039075	vdb-entry, x_refsource_SECTRACK
	https://access.redhat.com/errata/RHSA-2017:2770	vendor-advisory, x_refsource_REDHAT
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=49d31c2f389acfe83417083e1208422b4091cd9e	x_refsource_MISC
	https://access.redhat.com/errata/RHSA-2017:2869	vendor-advisory, x_refsource_REDHAT
	http://www.openwall.com/lists/oss-security/2019/06/27/7	mailing-list, x_refsource_MLIST
	http://www.openwall.com/lists/oss-security/2019/06/28/1	mailing-list, x_refsource_MLIST
	http://www.openwall.com/lists/oss-security/2019/06/28/2	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	n/a	Linux kernel through 4.12.4	Version: Linux kernel through 4.12.4

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T16:04:11.899Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "DSA-3927",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3927",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://patchwork.kernel.org/patch/9755757/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1468283",
               },
               {
                  name: "100123",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/100123",
               },
               {
                  name: "RHSA-2017:2669",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2669",
               },
               {
                  name: "RHSA-2017:2473",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2473",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://openwall.com/lists/oss-security/2017/08/03/2",
               },
               {
                  name: "RHSA-2017:2585",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2585",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://patchwork.kernel.org/patch/9755753/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/49d31c2f389acfe83417083e1208422b4091cd9e",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.mail-archive.com/linux-kernel%40vger.kernel.org/msg1408967.html",
               },
               {
                  name: "DSA-3945",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3945",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://source.android.com/security/bulletin/2017-12-01",
               },
               {
                  name: "1039075",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1039075",
               },
               {
                  name: "RHSA-2017:2770",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2770",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=49d31c2f389acfe83417083e1208422b4091cd9e",
               },
               {
                  name: "RHSA-2017:2869",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2869",
               },
               {
                  name: "[oss-security] 20190627 Re: linux-distros membership application - Microsoft",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2019/06/27/7",
               },
               {
                  name: "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2019/06/28/1",
               },
               {
                  name: "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2019/06/28/2",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Linux kernel through 4.12.4",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "Linux kernel through 4.12.4",
                  },
               ],
            },
         ],
         datePublic: "2017-08-05T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "race condition",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2019-06-28T20:06:05",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "DSA-3927",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3927",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://patchwork.kernel.org/patch/9755757/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1468283",
            },
            {
               name: "100123",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/100123",
            },
            {
               name: "RHSA-2017:2669",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2669",
            },
            {
               name: "RHSA-2017:2473",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2473",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://openwall.com/lists/oss-security/2017/08/03/2",
            },
            {
               name: "RHSA-2017:2585",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2585",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://patchwork.kernel.org/patch/9755753/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/torvalds/linux/commit/49d31c2f389acfe83417083e1208422b4091cd9e",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.mail-archive.com/linux-kernel%40vger.kernel.org/msg1408967.html",
            },
            {
               name: "DSA-3945",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3945",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://source.android.com/security/bulletin/2017-12-01",
            },
            {
               name: "1039075",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1039075",
            },
            {
               name: "RHSA-2017:2770",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2770",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=49d31c2f389acfe83417083e1208422b4091cd9e",
            },
            {
               name: "RHSA-2017:2869",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2869",
            },
            {
               name: "[oss-security] 20190627 Re: linux-distros membership application - Microsoft",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2019/06/27/7",
            },
            {
               name: "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2019/06/28/1",
            },
            {
               name: "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2019/06/28/2",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2017-7533",
      datePublished: "2017-08-05T16:00:00",
      dateReserved: "2017-04-05T00:00:00",
      dateUpdated: "2024-08-05T16:04:11.899Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-8890

Vulnerability from cvelistv5

Published

2017-05-10 16:00

Modified

2024-08-05 16:48

Severity ?

Summary

The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/98562	vdb-entry, x_refsource_BID
	https://source.android.com/security/bulletin/2017-09-01	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:2669	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:1854	vendor-advisory, x_refsource_REDHAT
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=657831ffc38e30092a2d5f03d385d710eb88b09a	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/657831ffc38e30092a2d5f03d385d710eb88b09a	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:2077	vendor-advisory, x_refsource_REDHAT
	http://www.debian.org/security/2017/dsa-3886	vendor-advisory, x_refsource_DEBIAN
	https://access.redhat.com/errata/RHSA-2017:1842	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T16:48:22.695Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "98562",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/98562",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://source.android.com/security/bulletin/2017-09-01",
               },
               {
                  name: "RHSA-2017:2669",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2669",
               },
               {
                  name: "RHSA-2018:1854",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:1854",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=657831ffc38e30092a2d5f03d385d710eb88b09a",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/657831ffc38e30092a2d5f03d385d710eb88b09a",
               },
               {
                  name: "RHSA-2017:2077",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2077",
               },
               {
                  name: "DSA-3886",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3886",
               },
               {
                  name: "RHSA-2017:1842",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1842",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-05-10T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-06-19T09:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "98562",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/98562",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://source.android.com/security/bulletin/2017-09-01",
            },
            {
               name: "RHSA-2017:2669",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2669",
            },
            {
               name: "RHSA-2018:1854",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:1854",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=657831ffc38e30092a2d5f03d385d710eb88b09a",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/657831ffc38e30092a2d5f03d385d710eb88b09a",
            },
            {
               name: "RHSA-2017:2077",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2077",
            },
            {
               name: "DSA-3886",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3886",
            },
            {
               name: "RHSA-2017:1842",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1842",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-8890",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "98562",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/98562",
                  },
                  {
                     name: "https://source.android.com/security/bulletin/2017-09-01",
                     refsource: "CONFIRM",
                     url: "https://source.android.com/security/bulletin/2017-09-01",
                  },
                  {
                     name: "RHSA-2017:2669",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2669",
                  },
                  {
                     name: "RHSA-2018:1854",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:1854",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=657831ffc38e30092a2d5f03d385d710eb88b09a",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=657831ffc38e30092a2d5f03d385d710eb88b09a",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/657831ffc38e30092a2d5f03d385d710eb88b09a",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/657831ffc38e30092a2d5f03d385d710eb88b09a",
                  },
                  {
                     name: "RHSA-2017:2077",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2077",
                  },
                  {
                     name: "DSA-3886",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3886",
                  },
                  {
                     name: "RHSA-2017:1842",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1842",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-8890",
      datePublished: "2017-05-10T16:00:00",
      dateReserved: "2017-05-10T00:00:00",
      dateUpdated: "2024-08-05T16:48:22.695Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-9074

Vulnerability from cvelistv5

Published

2017-05-19 06:25

Modified

2024-08-05 16:55

Severity ?

Summary

The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/98577	vdb-entry, x_refsource_BID
	https://patchwork.ozlabs.org/patch/763117/	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/2423496af35d94a87156b063ea5cedffc10a70a1	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2018:0169	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:2669	vendor-advisory, x_refsource_REDHAT
	https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:2077	vendor-advisory, x_refsource_REDHAT
	http://www.debian.org/security/2017/dsa-3886	vendor-advisory, x_refsource_DEBIAN
	https://access.redhat.com/errata/RHSA-2017:1842	vendor-advisory, x_refsource_REDHAT
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2423496af35d94a87156b063ea5cedffc10a70a1	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T16:55:21.933Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "98577",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/98577",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://patchwork.ozlabs.org/patch/763117/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/2423496af35d94a87156b063ea5cedffc10a70a1",
               },
               {
                  name: "RHSA-2018:0169",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:0169",
               },
               {
                  name: "RHSA-2017:2669",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2669",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
               },
               {
                  name: "RHSA-2017:2077",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2077",
               },
               {
                  name: "DSA-3886",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3886",
               },
               {
                  name: "RHSA-2017:1842",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1842",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2423496af35d94a87156b063ea5cedffc10a70a1",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-05-19T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-11-30T20:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "98577",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/98577",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://patchwork.ozlabs.org/patch/763117/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/2423496af35d94a87156b063ea5cedffc10a70a1",
            },
            {
               name: "RHSA-2018:0169",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:0169",
            },
            {
               name: "RHSA-2017:2669",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2669",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
            },
            {
               name: "RHSA-2017:2077",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2077",
            },
            {
               name: "DSA-3886",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3886",
            },
            {
               name: "RHSA-2017:1842",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1842",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2423496af35d94a87156b063ea5cedffc10a70a1",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-9074",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "98577",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/98577",
                  },
                  {
                     name: "https://patchwork.ozlabs.org/patch/763117/",
                     refsource: "CONFIRM",
                     url: "https://patchwork.ozlabs.org/patch/763117/",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/2423496af35d94a87156b063ea5cedffc10a70a1",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/2423496af35d94a87156b063ea5cedffc10a70a1",
                  },
                  {
                     name: "RHSA-2018:0169",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:0169",
                  },
                  {
                     name: "RHSA-2017:2669",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2669",
                  },
                  {
                     name: "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
                     refsource: "CONFIRM",
                     url: "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
                  },
                  {
                     name: "RHSA-2017:2077",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2077",
                  },
                  {
                     name: "DSA-3886",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3886",
                  },
                  {
                     name: "RHSA-2017:1842",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1842",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2423496af35d94a87156b063ea5cedffc10a70a1",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2423496af35d94a87156b063ea5cedffc10a70a1",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-9074",
      datePublished: "2017-05-19T06:25:00",
      dateReserved: "2017-05-19T00:00:00",
      dateUpdated: "2024-08-05T16:55:21.933Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-8925

Vulnerability from cvelistv5

Published

2017-05-12 21:00

Modified

2024-08-05 16:48

Severity ?

Summary

The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel before 4.10.4 allows local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling.

References

▼	URL	Tags
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.4	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/98462	vdb-entry, x_refsource_BID
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=30572418b445d85fcfe6c8fe84c947d2606767d8	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/30572418b445d85fcfe6c8fe84c947d2606767d8	x_refsource_CONFIRM
	http://www.debian.org/security/2017/dsa-3886	vendor-advisory, x_refsource_DEBIAN

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T16:48:23.018Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.4",
               },
               {
                  name: "98462",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/98462",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=30572418b445d85fcfe6c8fe84c947d2606767d8",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/30572418b445d85fcfe6c8fe84c947d2606767d8",
               },
               {
                  name: "DSA-3886",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3886",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-05-12T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel before 4.10.4 allows local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-11-03T18:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.4",
            },
            {
               name: "98462",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/98462",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=30572418b445d85fcfe6c8fe84c947d2606767d8",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/30572418b445d85fcfe6c8fe84c947d2606767d8",
            },
            {
               name: "DSA-3886",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3886",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-8925",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel before 4.10.4 allows local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.4",
                     refsource: "CONFIRM",
                     url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.4",
                  },
                  {
                     name: "98462",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/98462",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=30572418b445d85fcfe6c8fe84c947d2606767d8",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=30572418b445d85fcfe6c8fe84c947d2606767d8",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/30572418b445d85fcfe6c8fe84c947d2606767d8",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/30572418b445d85fcfe6c8fe84c947d2606767d8",
                  },
                  {
                     name: "DSA-3886",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3886",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-8925",
      datePublished: "2017-05-12T21:00:00",
      dateReserved: "2017-05-12T00:00:00",
      dateUpdated: "2024-08-05T16:48:23.018Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-5243

Vulnerability from cvelistv5

Published

2016-06-27 10:00

Modified

2024-08-06 00:53

Severity ?

Summary

The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel through 4.6.3 does not properly copy a certain string, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.

References

▼	URL	Tags
	http://www.ubuntu.com/usn/USN-3054-1	vendor-advisory, x_refsource_UBUNTU
	http://www.openwall.com/lists/oss-security/2016/06/03/4	mailing-list, x_refsource_MLIST
	http://www.ubuntu.com/usn/USN-3051-1	vendor-advisory, x_refsource_UBUNTU
	https://github.com/torvalds/linux/commit/5d2be1422e02ccd697ccfcd45c85b4a26e6178e2	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3053-1	vendor-advisory, x_refsource_UBUNTU
	https://patchwork.ozlabs.org/patch/629100/	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3055-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3056-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3052-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3049-1	vendor-advisory, x_refsource_UBUNTU
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5d2be1422e02ccd697ccfcd45c85b4a26e6178e2	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=1343335	x_refsource_CONFIRM
	http://www.debian.org/security/2016/dsa-3607	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-3050-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3057-1	vendor-advisory, x_refsource_UBUNTU
	http://www.securityfocus.com/bid/91334	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T00:53:48.931Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "USN-3054-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3054-1",
               },
               {
                  name: "[oss-security] 20160603 Re: CVE Request: tipc: an infoleak in tipc_nl_compat_link_dump",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/06/03/4",
               },
               {
                  name: "USN-3051-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3051-1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/5d2be1422e02ccd697ccfcd45c85b4a26e6178e2",
               },
               {
                  name: "USN-3053-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3053-1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://patchwork.ozlabs.org/patch/629100/",
               },
               {
                  name: "USN-3055-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3055-1",
               },
               {
                  name: "USN-3056-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3056-1",
               },
               {
                  name: "USN-3052-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3052-1",
               },
               {
                  name: "USN-3049-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3049-1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5d2be1422e02ccd697ccfcd45c85b4a26e6178e2",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1343335",
               },
               {
                  name: "DSA-3607",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2016/dsa-3607",
               },
               {
                  name: "USN-3050-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3050-1",
               },
               {
                  name: "USN-3057-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3057-1",
               },
               {
                  name: "91334",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/91334",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-06-03T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel through 4.6.3 does not properly copy a certain string, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2016-11-25T20:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "USN-3054-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3054-1",
            },
            {
               name: "[oss-security] 20160603 Re: CVE Request: tipc: an infoleak in tipc_nl_compat_link_dump",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/06/03/4",
            },
            {
               name: "USN-3051-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3051-1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/5d2be1422e02ccd697ccfcd45c85b4a26e6178e2",
            },
            {
               name: "USN-3053-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3053-1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://patchwork.ozlabs.org/patch/629100/",
            },
            {
               name: "USN-3055-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3055-1",
            },
            {
               name: "USN-3056-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3056-1",
            },
            {
               name: "USN-3052-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3052-1",
            },
            {
               name: "USN-3049-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3049-1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5d2be1422e02ccd697ccfcd45c85b4a26e6178e2",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1343335",
            },
            {
               name: "DSA-3607",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2016/dsa-3607",
            },
            {
               name: "USN-3050-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3050-1",
            },
            {
               name: "USN-3057-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3057-1",
            },
            {
               name: "91334",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/91334",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2016-5243",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel through 4.6.3 does not properly copy a certain string, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "USN-3054-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3054-1",
                  },
                  {
                     name: "[oss-security] 20160603 Re: CVE Request: tipc: an infoleak in tipc_nl_compat_link_dump",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2016/06/03/4",
                  },
                  {
                     name: "USN-3051-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3051-1",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/5d2be1422e02ccd697ccfcd45c85b4a26e6178e2",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/5d2be1422e02ccd697ccfcd45c85b4a26e6178e2",
                  },
                  {
                     name: "USN-3053-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3053-1",
                  },
                  {
                     name: "https://patchwork.ozlabs.org/patch/629100/",
                     refsource: "CONFIRM",
                     url: "https://patchwork.ozlabs.org/patch/629100/",
                  },
                  {
                     name: "USN-3055-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3055-1",
                  },
                  {
                     name: "USN-3056-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3056-1",
                  },
                  {
                     name: "USN-3052-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3052-1",
                  },
                  {
                     name: "USN-3049-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3049-1",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5d2be1422e02ccd697ccfcd45c85b4a26e6178e2",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5d2be1422e02ccd697ccfcd45c85b4a26e6178e2",
                  },
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=1343335",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=1343335",
                  },
                  {
                     name: "DSA-3607",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2016/dsa-3607",
                  },
                  {
                     name: "USN-3050-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3050-1",
                  },
                  {
                     name: "USN-3057-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3057-1",
                  },
                  {
                     name: "91334",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/91334",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2016-5243",
      datePublished: "2016-06-27T10:00:00",
      dateReserved: "2016-06-03T00:00:00",
      dateUpdated: "2024-08-06T00:53:48.931Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-7482

Vulnerability from cvelistv5

Published

2018-07-30 14:00

Modified

2024-08-05 16:04

Severity ?

7.1 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Summary

In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. This could lead to the size-remaining variable wrapping and the data pointer going over the end of the buffer. This could possibly lead to memory corruption and possible privilege escalation.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/99299	vdb-entry, x_refsource_BID
	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5f2f97656ada8d811d3c1bef503ced266fcd53a0	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1038787	vdb-entry, x_refsource_SECTRACK
	https://www.debian.org/security/2017/dsa-3927	vendor-advisory, x_refsource_DEBIAN
	https://www.debian.org/security/2017/dsa-3945	vendor-advisory, x_refsource_DEBIAN
	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7482	x_refsource_CONFIRM
	http://seclists.org/oss-sec/2017/q2/602	mailing-list, x_refsource_MLIST
	https://access.redhat.com/errata/RHSA-2019:0641	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	[UNKNOWN]	kernel:	Version: 4.12

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T16:04:11.726Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "99299",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/99299",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5f2f97656ada8d811d3c1bef503ced266fcd53a0",
               },
               {
                  name: "1038787",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1038787",
               },
               {
                  name: "DSA-3927",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "https://www.debian.org/security/2017/dsa-3927",
               },
               {
                  name: "DSA-3945",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "https://www.debian.org/security/2017/dsa-3945",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7482",
               },
               {
                  name: "[oss-security] 20170626 CVE-2017-7482 Linux kernel: krb5 ticket decode len check.",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://seclists.org/oss-sec/2017/q2/602",
               },
               {
                  name: "RHSA-2019:0641",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2019:0641",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "kernel:",
               vendor: "[UNKNOWN]",
               versions: [
                  {
                     status: "affected",
                     version: "4.12",
                  },
               ],
            },
         ],
         datePublic: "2017-04-27T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. This could lead to the size-remaining variable wrapping and the data pointer going over the end of the buffer. This could possibly lead to memory corruption and possible privilege escalation.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 7.1,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
                  version: "3.0",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-190",
                     description: "CWE-190",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2019-03-26T10:06:06",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "99299",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/99299",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5f2f97656ada8d811d3c1bef503ced266fcd53a0",
            },
            {
               name: "1038787",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1038787",
            },
            {
               name: "DSA-3927",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "https://www.debian.org/security/2017/dsa-3927",
            },
            {
               name: "DSA-3945",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "https://www.debian.org/security/2017/dsa-3945",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7482",
            },
            {
               name: "[oss-security] 20170626 CVE-2017-7482 Linux kernel: krb5 ticket decode len check.",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://seclists.org/oss-sec/2017/q2/602",
            },
            {
               name: "RHSA-2019:0641",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2019:0641",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "secalert@redhat.com",
               ID: "CVE-2017-7482",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "kernel:",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "4.12",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "[UNKNOWN]",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. This could lead to the size-remaining variable wrapping and the data pointer going over the end of the buffer. This could possibly lead to memory corruption and possible privilege escalation.",
                  },
               ],
            },
            impact: {
               cvss: [
                  [
                     {
                        vectorString: "7.1/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
                        version: "3.0",
                     },
                  ],
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-190",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "99299",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/99299",
                  },
                  {
                     name: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5f2f97656ada8d811d3c1bef503ced266fcd53a0",
                     refsource: "CONFIRM",
                     url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5f2f97656ada8d811d3c1bef503ced266fcd53a0",
                  },
                  {
                     name: "1038787",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1038787",
                  },
                  {
                     name: "DSA-3927",
                     refsource: "DEBIAN",
                     url: "https://www.debian.org/security/2017/dsa-3927",
                  },
                  {
                     name: "DSA-3945",
                     refsource: "DEBIAN",
                     url: "https://www.debian.org/security/2017/dsa-3945",
                  },
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7482",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7482",
                  },
                  {
                     name: "[oss-security] 20170626 CVE-2017-7482 Linux kernel: krb5 ticket decode len check.",
                     refsource: "MLIST",
                     url: "http://seclists.org/oss-sec/2017/q2/602",
                  },
                  {
                     name: "RHSA-2019:0641",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2019:0641",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2017-7482",
      datePublished: "2018-07-30T14:00:00",
      dateReserved: "2017-04-05T00:00:00",
      dateUpdated: "2024-08-05T16:04:11.726Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-2671

Vulnerability from cvelistv5

Published

2017-04-05 06:23

Modified

2024-08-05 14:02

Severity ?

Summary

The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/97407	vdb-entry, x_refsource_BID
	https://github.com/torvalds/linux/commit/43a6684519ab0a6c52024b5e25322476cabad893	x_refsource_CONFIRM
	http://openwall.com/lists/oss-security/2017/04/04/8	mailing-list, x_refsource_MLIST
	https://access.redhat.com/errata/RHSA-2017:2669	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:1854	vendor-advisory, x_refsource_REDHAT
	https://usn.ubuntu.com/3754-1/	vendor-advisory, x_refsource_UBUNTU
	https://twitter.com/danieljiang0415/status/845116665184497664	x_refsource_MISC
	https://github.com/danieljiang0415/android_kernel_crash_poc	x_refsource_MISC
	https://www.exploit-db.com/exploits/42135/	exploit, x_refsource_EXPLOIT-DB
	https://access.redhat.com/errata/RHSA-2017:2077	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:1842	vendor-advisory, x_refsource_REDHAT
	https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/net/ipv4/ping.c?id=43a6684519ab0a6c52024b5e25322476cabad893	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T14:02:07.183Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "97407",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/97407",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/43a6684519ab0a6c52024b5e25322476cabad893",
               },
               {
                  name: "[oss-security] 20170404 Re: Linux kernel ping socket / AF_LLC connect() sin_family race",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://openwall.com/lists/oss-security/2017/04/04/8",
               },
               {
                  name: "RHSA-2017:2669",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2669",
               },
               {
                  name: "RHSA-2018:1854",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:1854",
               },
               {
                  name: "USN-3754-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3754-1/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://twitter.com/danieljiang0415/status/845116665184497664",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/danieljiang0415/android_kernel_crash_poc",
               },
               {
                  name: "42135",
                  tags: [
                     "exploit",
                     "x_refsource_EXPLOIT-DB",
                     "x_transferred",
                  ],
                  url: "https://www.exploit-db.com/exploits/42135/",
               },
               {
                  name: "RHSA-2017:2077",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2077",
               },
               {
                  name: "RHSA-2017:1842",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1842",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/net/ipv4/ping.c?id=43a6684519ab0a6c52024b5e25322476cabad893",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-03-24T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-08-24T09:57:01",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "97407",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/97407",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/43a6684519ab0a6c52024b5e25322476cabad893",
            },
            {
               name: "[oss-security] 20170404 Re: Linux kernel ping socket / AF_LLC connect() sin_family race",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://openwall.com/lists/oss-security/2017/04/04/8",
            },
            {
               name: "RHSA-2017:2669",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2669",
            },
            {
               name: "RHSA-2018:1854",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:1854",
            },
            {
               name: "USN-3754-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3754-1/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://twitter.com/danieljiang0415/status/845116665184497664",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/danieljiang0415/android_kernel_crash_poc",
            },
            {
               name: "42135",
               tags: [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
               ],
               url: "https://www.exploit-db.com/exploits/42135/",
            },
            {
               name: "RHSA-2017:2077",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2077",
            },
            {
               name: "RHSA-2017:1842",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1842",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/net/ipv4/ping.c?id=43a6684519ab0a6c52024b5e25322476cabad893",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2017-2671",
      datePublished: "2017-04-05T06:23:00",
      dateReserved: "2016-12-01T00:00:00",
      dateUpdated: "2024-08-05T14:02:07.183Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-9076

Vulnerability from cvelistv5

Published

2017-05-19 06:25

Modified

2024-08-05 16:55

Severity ?

Summary

The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

References

▼	URL	Tags
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=83eaddab4378db256d00d295bda6ca997cd13a52	x_refsource_CONFIRM
	https://patchwork.ozlabs.org/patch/760370/	x_refsource_CONFIRM
	https://source.android.com/security/bulletin/2017-09-01	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/98586	vdb-entry, x_refsource_BID
	https://access.redhat.com/errata/RHSA-2017:2669	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:1854	vendor-advisory, x_refsource_REDHAT
	https://github.com/torvalds/linux/commit/83eaddab4378db256d00d295bda6ca997cd13a52	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:2077	vendor-advisory, x_refsource_REDHAT
	http://www.debian.org/security/2017/dsa-3886	vendor-advisory, x_refsource_DEBIAN
	https://access.redhat.com/errata/RHSA-2017:1842	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T16:55:22.127Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=83eaddab4378db256d00d295bda6ca997cd13a52",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://patchwork.ozlabs.org/patch/760370/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://source.android.com/security/bulletin/2017-09-01",
               },
               {
                  name: "98586",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/98586",
               },
               {
                  name: "RHSA-2017:2669",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2669",
               },
               {
                  name: "RHSA-2018:1854",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:1854",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/83eaddab4378db256d00d295bda6ca997cd13a52",
               },
               {
                  name: "RHSA-2017:2077",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2077",
               },
               {
                  name: "DSA-3886",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3886",
               },
               {
                  name: "RHSA-2017:1842",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1842",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-05-19T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-06-19T09:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=83eaddab4378db256d00d295bda6ca997cd13a52",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://patchwork.ozlabs.org/patch/760370/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://source.android.com/security/bulletin/2017-09-01",
            },
            {
               name: "98586",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/98586",
            },
            {
               name: "RHSA-2017:2669",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2669",
            },
            {
               name: "RHSA-2018:1854",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:1854",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/83eaddab4378db256d00d295bda6ca997cd13a52",
            },
            {
               name: "RHSA-2017:2077",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2077",
            },
            {
               name: "DSA-3886",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3886",
            },
            {
               name: "RHSA-2017:1842",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1842",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-9076",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=83eaddab4378db256d00d295bda6ca997cd13a52",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=83eaddab4378db256d00d295bda6ca997cd13a52",
                  },
                  {
                     name: "https://patchwork.ozlabs.org/patch/760370/",
                     refsource: "CONFIRM",
                     url: "https://patchwork.ozlabs.org/patch/760370/",
                  },
                  {
                     name: "https://source.android.com/security/bulletin/2017-09-01",
                     refsource: "CONFIRM",
                     url: "https://source.android.com/security/bulletin/2017-09-01",
                  },
                  {
                     name: "98586",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/98586",
                  },
                  {
                     name: "RHSA-2017:2669",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2669",
                  },
                  {
                     name: "RHSA-2018:1854",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:1854",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/83eaddab4378db256d00d295bda6ca997cd13a52",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/83eaddab4378db256d00d295bda6ca997cd13a52",
                  },
                  {
                     name: "RHSA-2017:2077",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2077",
                  },
                  {
                     name: "DSA-3886",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3886",
                  },
                  {
                     name: "RHSA-2017:1842",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1842",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-9076",
      datePublished: "2017-05-19T06:25:00",
      dateReserved: "2017-05-19T00:00:00",
      dateUpdated: "2024-08-05T16:55:22.127Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-11176

Vulnerability from cvelistv5

Published

2017-07-11 23:00

Modified

2024-08-05 17:57

Severity ?

Summary

The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact.

References

▼	URL	Tags
	http://www.debian.org/security/2017/dsa-3927	vendor-advisory, x_refsource_DEBIAN
	https://access.redhat.com/errata/RHSA-2018:0169	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:2918	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:2931	vendor-advisory, x_refsource_REDHAT
	https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/99919	vdb-entry, x_refsource_BID
	https://github.com/torvalds/linux/commit/f991af3daabaecff34684fd51fac80319d1baad1	x_refsource_CONFIRM
	http://www.debian.org/security/2017/dsa-3945	vendor-advisory, x_refsource_DEBIAN
	https://www.exploit-db.com/exploits/45553/	exploit, x_refsource_EXPLOIT-DB
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f991af3daabaecff34684fd51fac80319d1baad1	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2018:3822	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:2930	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T17:57:57.680Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "DSA-3927",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3927",
               },
               {
                  name: "RHSA-2018:0169",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:0169",
               },
               {
                  name: "RHSA-2017:2918",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2918",
               },
               {
                  name: "RHSA-2017:2931",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2931",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
               },
               {
                  name: "99919",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/99919",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/f991af3daabaecff34684fd51fac80319d1baad1",
               },
               {
                  name: "DSA-3945",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3945",
               },
               {
                  name: "45553",
                  tags: [
                     "exploit",
                     "x_refsource_EXPLOIT-DB",
                     "x_transferred",
                  ],
                  url: "https://www.exploit-db.com/exploits/45553/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f991af3daabaecff34684fd51fac80319d1baad1",
               },
               {
                  name: "RHSA-2018:3822",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:3822",
               },
               {
                  name: "RHSA-2017:2930",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2930",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-07-11T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-12-13T10:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "DSA-3927",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3927",
            },
            {
               name: "RHSA-2018:0169",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:0169",
            },
            {
               name: "RHSA-2017:2918",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2918",
            },
            {
               name: "RHSA-2017:2931",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2931",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
            },
            {
               name: "99919",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/99919",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/f991af3daabaecff34684fd51fac80319d1baad1",
            },
            {
               name: "DSA-3945",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3945",
            },
            {
               name: "45553",
               tags: [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
               ],
               url: "https://www.exploit-db.com/exploits/45553/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f991af3daabaecff34684fd51fac80319d1baad1",
            },
            {
               name: "RHSA-2018:3822",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:3822",
            },
            {
               name: "RHSA-2017:2930",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2930",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-11176",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "DSA-3927",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3927",
                  },
                  {
                     name: "RHSA-2018:0169",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:0169",
                  },
                  {
                     name: "RHSA-2017:2918",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2918",
                  },
                  {
                     name: "RHSA-2017:2931",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2931",
                  },
                  {
                     name: "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
                     refsource: "CONFIRM",
                     url: "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
                  },
                  {
                     name: "99919",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/99919",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/f991af3daabaecff34684fd51fac80319d1baad1",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/f991af3daabaecff34684fd51fac80319d1baad1",
                  },
                  {
                     name: "DSA-3945",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3945",
                  },
                  {
                     name: "45553",
                     refsource: "EXPLOIT-DB",
                     url: "https://www.exploit-db.com/exploits/45553/",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f991af3daabaecff34684fd51fac80319d1baad1",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f991af3daabaecff34684fd51fac80319d1baad1",
                  },
                  {
                     name: "RHSA-2018:3822",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:3822",
                  },
                  {
                     name: "RHSA-2017:2930",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2930",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-11176",
      datePublished: "2017-07-11T23:00:00",
      dateReserved: "2017-07-11T00:00:00",
      dateUpdated: "2024-08-05T17:57:57.680Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-1000363

Vulnerability from cvelistv5

Published

2017-07-13 20:00

Modified

2024-08-05 22:00

Severity ?

Summary

Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a 'secure boot' kernel command line adversary (can happen due to bootloader vulns, e.g. Google Nexus 6's CVE-2016-10277, where due to a vulnerability the adversary has partial control over the command line) can overflow the parport_nr array in the following code, by appending many (>LP_NO) 'lp=none' arguments to the command line.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/98651	vdb-entry, x_refsource_BID
	https://alephsecurity.com/vulns/aleph-2017023	x_refsource_MISC
	http://www.debian.org/security/2017/dsa-3945	vendor-advisory, x_refsource_DEBIAN

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T22:00:40.923Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "98651",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/98651",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://alephsecurity.com/vulns/aleph-2017023",
               },
               {
                  name: "DSA-3945",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3945",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-07-13T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a 'secure boot' kernel command line adversary (can happen due to bootloader vulns, e.g. Google Nexus 6's CVE-2016-10277, where due to a vulnerability the adversary has partial control over the command line) can overflow the parport_nr array in the following code, by appending many (>LP_NO) 'lp=none' arguments to the command line.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-11-03T18:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "98651",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/98651",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://alephsecurity.com/vulns/aleph-2017023",
            },
            {
               name: "DSA-3945",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3945",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-1000363",
               REQUESTER: "roee.hay@hcl.com",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a 'secure boot' kernel command line adversary (can happen due to bootloader vulns, e.g. Google Nexus 6's CVE-2016-10277, where due to a vulnerability the adversary has partial control over the command line) can overflow the parport_nr array in the following code, by appending many (>LP_NO) 'lp=none' arguments to the command line.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "98651",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/98651",
                  },
                  {
                     name: "https://alephsecurity.com/vulns/aleph-2017023",
                     refsource: "MISC",
                     url: "https://alephsecurity.com/vulns/aleph-2017023",
                  },
                  {
                     name: "DSA-3945",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3945",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-1000363",
      datePublished: "2017-07-13T20:00:00",
      dateReserved: "2017-07-10T00:00:00",
      dateUpdated: "2024-08-05T22:00:40.923Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-7261

Vulnerability from cvelistv5

Published

2017-03-24 21:00

Modified

2024-08-05 15:56

Severity ?

Summary

The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.5 does not check for a zero value of certain levels data, which allows local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device.

References

▼	URL	Tags
	http://marc.info/?t=149037004200005&r=1&w=2	x_refsource_MISC
	http://www.securityfocus.com/bid/97096	vdb-entry, x_refsource_BID
	https://lists.freedesktop.org/archives/dri-devel/2017-March/136814.html	x_refsource_MISC
	https://bugzilla.redhat.com/show_bug.cgi?id=1435719	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T15:56:36.002Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?t=149037004200005&r=1&w=2",
               },
               {
                  name: "97096",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/97096",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://lists.freedesktop.org/archives/dri-devel/2017-March/136814.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1435719",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-03-24T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.5 does not check for a zero value of certain levels data, which allows local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-03-28T09:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://marc.info/?t=149037004200005&r=1&w=2",
            },
            {
               name: "97096",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/97096",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://lists.freedesktop.org/archives/dri-devel/2017-March/136814.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1435719",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-7261",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.5 does not check for a zero value of certain levels data, which allows local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://marc.info/?t=149037004200005&r=1&w=2",
                     refsource: "MISC",
                     url: "http://marc.info/?t=149037004200005&r=1&w=2",
                  },
                  {
                     name: "97096",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/97096",
                  },
                  {
                     name: "https://lists.freedesktop.org/archives/dri-devel/2017-March/136814.html",
                     refsource: "MISC",
                     url: "https://lists.freedesktop.org/archives/dri-devel/2017-March/136814.html",
                  },
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=1435719",
                     refsource: "MISC",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=1435719",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-7261",
      datePublished: "2017-03-24T21:00:00",
      dateReserved: "2017-03-24T00:00:00",
      dateUpdated: "2024-08-05T15:56:36.002Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-7616

Vulnerability from cvelistv5

Published

2017-04-10 14:00

Modified

2024-08-05 16:12

Severity ?

Summary

Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation.

References

▼	URL	Tags
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cf01fb9985e8deb25ccf0ea54d916b8871ae0e62	x_refsource_CONFIRM
	https://source.android.com/security/bulletin/2017-09-01	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2018:1854	vendor-advisory, x_refsource_REDHAT
	http://www.securitytracker.com/id/1038503	vdb-entry, x_refsource_SECTRACK
	https://github.com/torvalds/linux/commit/cf01fb9985e8deb25ccf0ea54d916b8871ae0e62	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:2077	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:1842	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/97527	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T16:12:26.919Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cf01fb9985e8deb25ccf0ea54d916b8871ae0e62",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://source.android.com/security/bulletin/2017-09-01",
               },
               {
                  name: "RHSA-2018:1854",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:1854",
               },
               {
                  name: "1038503",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1038503",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/cf01fb9985e8deb25ccf0ea54d916b8871ae0e62",
               },
               {
                  name: "RHSA-2017:2077",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2077",
               },
               {
                  name: "RHSA-2017:1842",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1842",
               },
               {
                  name: "97527",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/97527",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-04-10T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-06-19T09:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cf01fb9985e8deb25ccf0ea54d916b8871ae0e62",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://source.android.com/security/bulletin/2017-09-01",
            },
            {
               name: "RHSA-2018:1854",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:1854",
            },
            {
               name: "1038503",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1038503",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/cf01fb9985e8deb25ccf0ea54d916b8871ae0e62",
            },
            {
               name: "RHSA-2017:2077",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2077",
            },
            {
               name: "RHSA-2017:1842",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1842",
            },
            {
               name: "97527",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/97527",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-7616",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cf01fb9985e8deb25ccf0ea54d916b8871ae0e62",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cf01fb9985e8deb25ccf0ea54d916b8871ae0e62",
                  },
                  {
                     name: "https://source.android.com/security/bulletin/2017-09-01",
                     refsource: "CONFIRM",
                     url: "https://source.android.com/security/bulletin/2017-09-01",
                  },
                  {
                     name: "RHSA-2018:1854",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:1854",
                  },
                  {
                     name: "1038503",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1038503",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/cf01fb9985e8deb25ccf0ea54d916b8871ae0e62",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/cf01fb9985e8deb25ccf0ea54d916b8871ae0e62",
                  },
                  {
                     name: "RHSA-2017:2077",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2077",
                  },
                  {
                     name: "RHSA-2017:1842",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1842",
                  },
                  {
                     name: "97527",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/97527",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-7616",
      datePublished: "2017-04-10T14:00:00",
      dateReserved: "2017-04-10T00:00:00",
      dateUpdated: "2024-08-05T16:12:26.919Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-1000380

Vulnerability from cvelistv5

Published

2017-06-17 18:00

Modified

2024-08-05 22:00

Severity ?

Summary

sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time.

References

▼	URL	Tags
	https://access.redhat.com/errata/RHSA-2017:3315	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:3322	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:3295	vendor-advisory, x_refsource_REDHAT
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.5	x_refsource_MISC
	https://github.com/torvalds/linux/commit/ba3021b2c79b2fa9114f92790a99deb27a65b728	x_refsource_MISC
	http://www.openwall.com/lists/oss-security/2017/06/12/2	x_refsource_MISC
	http://www.debian.org/security/2017/dsa-3981	vendor-advisory, x_refsource_DEBIAN
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ba3021b2c79b2fa9114f92790a99deb27a65b728	x_refsource_MISC
	https://source.android.com/security/bulletin/pixel/2017-12-01	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/d11662f4f798b50d8c8743f433842c3e40fe3378	x_refsource_MISC
	http://www.securityfocus.com/bid/99121	vdb-entry, x_refsource_BID
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d11662f4f798b50d8c8743f433842c3e40fe3378	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T22:00:39.924Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "RHSA-2017:3315",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:3315",
               },
               {
                  name: "RHSA-2017:3322",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:3322",
               },
               {
                  name: "RHSA-2017:3295",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:3295",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.5",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/ba3021b2c79b2fa9114f92790a99deb27a65b728",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2017/06/12/2",
               },
               {
                  name: "DSA-3981",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3981",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ba3021b2c79b2fa9114f92790a99deb27a65b728",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://source.android.com/security/bulletin/pixel/2017-12-01",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/d11662f4f798b50d8c8743f433842c3e40fe3378",
               },
               {
                  name: "99121",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/99121",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d11662f4f798b50d8c8743f433842c3e40fe3378",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-06-17T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-12-05T19:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "RHSA-2017:3315",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:3315",
            },
            {
               name: "RHSA-2017:3322",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:3322",
            },
            {
               name: "RHSA-2017:3295",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:3295",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.5",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/torvalds/linux/commit/ba3021b2c79b2fa9114f92790a99deb27a65b728",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://www.openwall.com/lists/oss-security/2017/06/12/2",
            },
            {
               name: "DSA-3981",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3981",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ba3021b2c79b2fa9114f92790a99deb27a65b728",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://source.android.com/security/bulletin/pixel/2017-12-01",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/torvalds/linux/commit/d11662f4f798b50d8c8743f433842c3e40fe3378",
            },
            {
               name: "99121",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/99121",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d11662f4f798b50d8c8743f433842c3e40fe3378",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-1000380",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "RHSA-2017:3315",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:3315",
                  },
                  {
                     name: "RHSA-2017:3322",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:3322",
                  },
                  {
                     name: "RHSA-2017:3295",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:3295",
                  },
                  {
                     name: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.5",
                     refsource: "MISC",
                     url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.5",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/ba3021b2c79b2fa9114f92790a99deb27a65b728",
                     refsource: "MISC",
                     url: "https://github.com/torvalds/linux/commit/ba3021b2c79b2fa9114f92790a99deb27a65b728",
                  },
                  {
                     name: "http://www.openwall.com/lists/oss-security/2017/06/12/2",
                     refsource: "MISC",
                     url: "http://www.openwall.com/lists/oss-security/2017/06/12/2",
                  },
                  {
                     name: "DSA-3981",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3981",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ba3021b2c79b2fa9114f92790a99deb27a65b728",
                     refsource: "MISC",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ba3021b2c79b2fa9114f92790a99deb27a65b728",
                  },
                  {
                     name: "https://source.android.com/security/bulletin/pixel/2017-12-01",
                     refsource: "CONFIRM",
                     url: "https://source.android.com/security/bulletin/pixel/2017-12-01",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/d11662f4f798b50d8c8743f433842c3e40fe3378",
                     refsource: "MISC",
                     url: "https://github.com/torvalds/linux/commit/d11662f4f798b50d8c8743f433842c3e40fe3378",
                  },
                  {
                     name: "99121",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/99121",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d11662f4f798b50d8c8743f433842c3e40fe3378",
                     refsource: "MISC",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d11662f4f798b50d8c8743f433842c3e40fe3378",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-1000380",
      datePublished: "2017-06-17T18:00:00",
      dateReserved: "2017-06-13T00:00:00",
      dateUpdated: "2024-08-05T22:00:39.924Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-6951

Vulnerability from cvelistv5

Published

2017-03-16 18:00

Modified

2024-08-05 15:49

Severity ?

Summary

The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the "dead" type.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/96943	vdb-entry, x_refsource_BID
	https://access.redhat.com/errata/RHSA-2017:2669	vendor-advisory, x_refsource_REDHAT
	http://www.spinics.net/lists/keyrings/msg01849.html	x_refsource_MISC
	http://www.spinics.net/lists/keyrings/msg01845.html	x_refsource_MISC
	https://access.redhat.com/errata/RHSA-2017:2077	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:1842	vendor-advisory, x_refsource_REDHAT
	http://www.spinics.net/lists/keyrings/msg01846.html	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T15:49:01.366Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "96943",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/96943",
               },
               {
                  name: "RHSA-2017:2669",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2669",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://www.spinics.net/lists/keyrings/msg01849.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://www.spinics.net/lists/keyrings/msg01845.html",
               },
               {
                  name: "RHSA-2017:2077",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2077",
               },
               {
                  name: "RHSA-2017:1842",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1842",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://www.spinics.net/lists/keyrings/msg01846.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-03-16T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the \"dead\" type.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-01-04T19:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "96943",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/96943",
            },
            {
               name: "RHSA-2017:2669",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2669",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://www.spinics.net/lists/keyrings/msg01849.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://www.spinics.net/lists/keyrings/msg01845.html",
            },
            {
               name: "RHSA-2017:2077",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2077",
            },
            {
               name: "RHSA-2017:1842",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1842",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://www.spinics.net/lists/keyrings/msg01846.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-6951",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the \"dead\" type.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "96943",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/96943",
                  },
                  {
                     name: "RHSA-2017:2669",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2669",
                  },
                  {
                     name: "http://www.spinics.net/lists/keyrings/msg01849.html",
                     refsource: "MISC",
                     url: "http://www.spinics.net/lists/keyrings/msg01849.html",
                  },
                  {
                     name: "http://www.spinics.net/lists/keyrings/msg01845.html",
                     refsource: "MISC",
                     url: "http://www.spinics.net/lists/keyrings/msg01845.html",
                  },
                  {
                     name: "RHSA-2017:2077",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2077",
                  },
                  {
                     name: "RHSA-2017:1842",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1842",
                  },
                  {
                     name: "http://www.spinics.net/lists/keyrings/msg01846.html",
                     refsource: "MISC",
                     url: "http://www.spinics.net/lists/keyrings/msg01846.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-6951",
      datePublished: "2017-03-16T18:00:00",
      dateReserved: "2017-03-16T00:00:00",
      dateUpdated: "2024-08-05T15:49:01.366Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-9075

Vulnerability from cvelistv5

Published

2017-05-19 06:25

Modified

2024-08-05 16:55

Severity ?

Summary

The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/98597	vdb-entry, x_refsource_BID
	https://access.redhat.com/errata/RHSA-2017:2669	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:1854	vendor-advisory, x_refsource_REDHAT
	https://source.android.com/security/bulletin/2017-10-01	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fdcee2cbb8438702ea1b328fb6e0ac5e9a40c7f8	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/fdcee2cbb8438702ea1b328fb6e0ac5e9a40c7f8	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:2077	vendor-advisory, x_refsource_REDHAT
	http://www.debian.org/security/2017/dsa-3886	vendor-advisory, x_refsource_DEBIAN
	https://access.redhat.com/errata/RHSA-2017:1842	vendor-advisory, x_refsource_REDHAT
	https://patchwork.ozlabs.org/patch/763569/	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T16:55:22.125Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "98597",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/98597",
               },
               {
                  name: "RHSA-2017:2669",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2669",
               },
               {
                  name: "RHSA-2018:1854",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:1854",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://source.android.com/security/bulletin/2017-10-01",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fdcee2cbb8438702ea1b328fb6e0ac5e9a40c7f8",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/fdcee2cbb8438702ea1b328fb6e0ac5e9a40c7f8",
               },
               {
                  name: "RHSA-2017:2077",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2077",
               },
               {
                  name: "DSA-3886",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3886",
               },
               {
                  name: "RHSA-2017:1842",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1842",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://patchwork.ozlabs.org/patch/763569/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-05-19T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-06-19T09:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "98597",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/98597",
            },
            {
               name: "RHSA-2017:2669",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2669",
            },
            {
               name: "RHSA-2018:1854",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:1854",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://source.android.com/security/bulletin/2017-10-01",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fdcee2cbb8438702ea1b328fb6e0ac5e9a40c7f8",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/fdcee2cbb8438702ea1b328fb6e0ac5e9a40c7f8",
            },
            {
               name: "RHSA-2017:2077",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2077",
            },
            {
               name: "DSA-3886",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3886",
            },
            {
               name: "RHSA-2017:1842",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1842",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://patchwork.ozlabs.org/patch/763569/",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-9075",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "98597",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/98597",
                  },
                  {
                     name: "RHSA-2017:2669",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2669",
                  },
                  {
                     name: "RHSA-2018:1854",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:1854",
                  },
                  {
                     name: "https://source.android.com/security/bulletin/2017-10-01",
                     refsource: "CONFIRM",
                     url: "https://source.android.com/security/bulletin/2017-10-01",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fdcee2cbb8438702ea1b328fb6e0ac5e9a40c7f8",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fdcee2cbb8438702ea1b328fb6e0ac5e9a40c7f8",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/fdcee2cbb8438702ea1b328fb6e0ac5e9a40c7f8",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/fdcee2cbb8438702ea1b328fb6e0ac5e9a40c7f8",
                  },
                  {
                     name: "RHSA-2017:2077",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2077",
                  },
                  {
                     name: "DSA-3886",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3886",
                  },
                  {
                     name: "RHSA-2017:1842",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1842",
                  },
                  {
                     name: "https://patchwork.ozlabs.org/patch/763569/",
                     refsource: "CONFIRM",
                     url: "https://patchwork.ozlabs.org/patch/763569/",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-9075",
      datePublished: "2017-05-19T06:25:00",
      dateReserved: "2017-05-19T00:00:00",
      dateUpdated: "2024-08-05T16:55:22.125Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-9242

Vulnerability from cvelistv5

Published

2017-05-27 00:00

Modified

2024-08-05 17:02

Severity ?

Summary

The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/98731	vdb-entry, x_refsource_BID
	https://patchwork.ozlabs.org/patch/764880/	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/232cd35d0804cc241eb887bb8d4d9b3b9881c64a	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=232cd35d0804cc241eb887bb8d4d9b3b9881c64a	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:2077	vendor-advisory, x_refsource_REDHAT
	http://www.debian.org/security/2017/dsa-3886	vendor-advisory, x_refsource_DEBIAN
	https://access.redhat.com/errata/RHSA-2017:1842	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T17:02:43.389Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "98731",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/98731",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://patchwork.ozlabs.org/patch/764880/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/232cd35d0804cc241eb887bb8d4d9b3b9881c64a",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=232cd35d0804cc241eb887bb8d4d9b3b9881c64a",
               },
               {
                  name: "RHSA-2017:2077",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2077",
               },
               {
                  name: "DSA-3886",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3886",
               },
               {
                  name: "RHSA-2017:1842",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1842",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-05-26T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-01-04T19:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "98731",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/98731",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://patchwork.ozlabs.org/patch/764880/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/232cd35d0804cc241eb887bb8d4d9b3b9881c64a",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=232cd35d0804cc241eb887bb8d4d9b3b9881c64a",
            },
            {
               name: "RHSA-2017:2077",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2077",
            },
            {
               name: "DSA-3886",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3886",
            },
            {
               name: "RHSA-2017:1842",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1842",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-9242",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "98731",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/98731",
                  },
                  {
                     name: "https://patchwork.ozlabs.org/patch/764880/",
                     refsource: "CONFIRM",
                     url: "https://patchwork.ozlabs.org/patch/764880/",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/232cd35d0804cc241eb887bb8d4d9b3b9881c64a",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/232cd35d0804cc241eb887bb8d4d9b3b9881c64a",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=232cd35d0804cc241eb887bb8d4d9b3b9881c64a",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=232cd35d0804cc241eb887bb8d4d9b3b9881c64a",
                  },
                  {
                     name: "RHSA-2017:2077",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2077",
                  },
                  {
                     name: "DSA-3886",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3886",
                  },
                  {
                     name: "RHSA-2017:1842",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1842",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-9242",
      datePublished: "2017-05-27T00:00:00",
      dateReserved: "2017-05-26T00:00:00",
      dateUpdated: "2024-08-05T17:02:43.389Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-1000364

Vulnerability from cvelistv5

Published

2017-06-19 16:00

Modified

2024-08-05 22:00

Severity ?

Summary

An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010).

References

▼	URL	Tags
	https://access.redhat.com/errata/RHSA-2017:1491	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2017-1000364	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:1486	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:1489	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:1490	vendor-advisory, x_refsource_REDHAT
	https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt	x_refsource_MISC
	https://www.exploit-db.com/exploits/45625/	exploit, x_refsource_EXPLOIT-DB
	https://access.redhat.com/errata/RHSA-2017:1482	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:1647	vendor-advisory, x_refsource_REDHAT
	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03800en_us	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:1616	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:1712	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:1483	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:1487	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/99130	vdb-entry, x_refsource_BID
	https://www.suse.com/support/kb/doc/?id=7020973	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:1567	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:1484	vendor-advisory, x_refsource_REDHAT
	https://www.suse.com/security/cve/CVE-2017-1000364/	x_refsource_CONFIRM
	http://www.debian.org/security/2017/dsa-3886	vendor-advisory, x_refsource_DEBIAN
	http://www.securitytracker.com/id/1038724	vdb-entry, x_refsource_SECTRACK
	https://kc.mcafee.com/corporate/index?page=content&id=SB10205	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:1485	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:1488	vendor-advisory, x_refsource_REDHAT
	https://kc.mcafee.com/corporate/index?page=content&id=SB10207	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T22:00:41.163Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "RHSA-2017:1491",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1491",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/cve/CVE-2017-1000364",
               },
               {
                  name: "RHSA-2017:1486",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1486",
               },
               {
                  name: "RHSA-2017:1489",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1489",
               },
               {
                  name: "RHSA-2017:1490",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1490",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt",
               },
               {
                  name: "45625",
                  tags: [
                     "exploit",
                     "x_refsource_EXPLOIT-DB",
                     "x_transferred",
                  ],
                  url: "https://www.exploit-db.com/exploits/45625/",
               },
               {
                  name: "RHSA-2017:1482",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1482",
               },
               {
                  name: "RHSA-2017:1647",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1647",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03800en_us",
               },
               {
                  name: "RHSA-2017:1616",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1616",
               },
               {
                  name: "RHSA-2017:1712",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1712",
               },
               {
                  name: "RHSA-2017:1483",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1483",
               },
               {
                  name: "RHSA-2017:1487",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1487",
               },
               {
                  name: "99130",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/99130",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://www.suse.com/support/kb/doc/?id=7020973",
               },
               {
                  name: "RHSA-2017:1567",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1567",
               },
               {
                  name: "RHSA-2017:1484",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1484",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://www.suse.com/security/cve/CVE-2017-1000364/",
               },
               {
                  name: "DSA-3886",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3886",
               },
               {
                  name: "1038724",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1038724",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10205",
               },
               {
                  name: "RHSA-2017:1485",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1485",
               },
               {
                  name: "RHSA-2017:1488",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1488",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10207",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-06-19T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be \"jumped\" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010).",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-10-18T09:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "RHSA-2017:1491",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1491",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2017-1000364",
            },
            {
               name: "RHSA-2017:1486",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1486",
            },
            {
               name: "RHSA-2017:1489",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1489",
            },
            {
               name: "RHSA-2017:1490",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1490",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt",
            },
            {
               name: "45625",
               tags: [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
               ],
               url: "https://www.exploit-db.com/exploits/45625/",
            },
            {
               name: "RHSA-2017:1482",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1482",
            },
            {
               name: "RHSA-2017:1647",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1647",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03800en_us",
            },
            {
               name: "RHSA-2017:1616",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1616",
            },
            {
               name: "RHSA-2017:1712",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1712",
            },
            {
               name: "RHSA-2017:1483",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1483",
            },
            {
               name: "RHSA-2017:1487",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1487",
            },
            {
               name: "99130",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/99130",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://www.suse.com/support/kb/doc/?id=7020973",
            },
            {
               name: "RHSA-2017:1567",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1567",
            },
            {
               name: "RHSA-2017:1484",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1484",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://www.suse.com/security/cve/CVE-2017-1000364/",
            },
            {
               name: "DSA-3886",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3886",
            },
            {
               name: "1038724",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1038724",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10205",
            },
            {
               name: "RHSA-2017:1485",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1485",
            },
            {
               name: "RHSA-2017:1488",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1488",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10207",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-1000364",
               REQUESTER: "qsa@qualys.com",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be \"jumped\" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010).",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "RHSA-2017:1491",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1491",
                  },
                  {
                     name: "https://access.redhat.com/security/cve/CVE-2017-1000364",
                     refsource: "CONFIRM",
                     url: "https://access.redhat.com/security/cve/CVE-2017-1000364",
                  },
                  {
                     name: "RHSA-2017:1486",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1486",
                  },
                  {
                     name: "RHSA-2017:1489",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1489",
                  },
                  {
                     name: "RHSA-2017:1490",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1490",
                  },
                  {
                     name: "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt",
                     refsource: "MISC",
                     url: "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt",
                  },
                  {
                     name: "45625",
                     refsource: "EXPLOIT-DB",
                     url: "https://www.exploit-db.com/exploits/45625/",
                  },
                  {
                     name: "RHSA-2017:1482",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1482",
                  },
                  {
                     name: "RHSA-2017:1647",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1647",
                  },
                  {
                     name: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03800en_us",
                     refsource: "CONFIRM",
                     url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03800en_us",
                  },
                  {
                     name: "RHSA-2017:1616",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1616",
                  },
                  {
                     name: "RHSA-2017:1712",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1712",
                  },
                  {
                     name: "RHSA-2017:1483",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1483",
                  },
                  {
                     name: "RHSA-2017:1487",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1487",
                  },
                  {
                     name: "99130",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/99130",
                  },
                  {
                     name: "https://www.suse.com/support/kb/doc/?id=7020973",
                     refsource: "CONFIRM",
                     url: "https://www.suse.com/support/kb/doc/?id=7020973",
                  },
                  {
                     name: "RHSA-2017:1567",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1567",
                  },
                  {
                     name: "RHSA-2017:1484",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1484",
                  },
                  {
                     name: "https://www.suse.com/security/cve/CVE-2017-1000364/",
                     refsource: "CONFIRM",
                     url: "https://www.suse.com/security/cve/CVE-2017-1000364/",
                  },
                  {
                     name: "DSA-3886",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3886",
                  },
                  {
                     name: "1038724",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1038724",
                  },
                  {
                     name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10205",
                     refsource: "CONFIRM",
                     url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10205",
                  },
                  {
                     name: "RHSA-2017:1485",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1485",
                  },
                  {
                     name: "RHSA-2017:1488",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1488",
                  },
                  {
                     name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10207",
                     refsource: "CONFIRM",
                     url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10207",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-1000364",
      datePublished: "2017-06-19T16:00:00",
      dateReserved: "2017-06-19T00:00:00",
      dateUpdated: "2024-08-05T22:00:41.163Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-5669

Vulnerability from cvelistv5

Published

2017-02-24 15:00

Modified

2024-08-05 15:11

Severity ?

Summary

The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context.

References

▼	URL	Tags
	https://usn.ubuntu.com/3583-2/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3583-1/	vendor-advisory, x_refsource_UBUNTU
	http://www.securitytracker.com/id/1037918	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/bid/96754	vdb-entry, x_refsource_BID
	http://www.debian.org/security/2017/dsa-3804	vendor-advisory, x_refsource_DEBIAN
	https://bugzilla.kernel.org/show_bug.cgi?id=192931	x_refsource_MISC
	https://github.com/torvalds/linux/commit/95e91b831f87ac8e1f8ed50c14d709089b4e01b8	x_refsource_MISC
	https://github.com/torvalds/linux/commit/e1d35d4dc7f089e6c9c080d556feedf9c706f0c7	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T15:11:47.757Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "USN-3583-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3583-2/",
               },
               {
                  name: "USN-3583-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3583-1/",
               },
               {
                  name: "1037918",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1037918",
               },
               {
                  name: "96754",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/96754",
               },
               {
                  name: "DSA-3804",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3804",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.kernel.org/show_bug.cgi?id=192931",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/95e91b831f87ac8e1f8ed50c14d709089b4e01b8",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/e1d35d4dc7f089e6c9c080d556feedf9c706f0c7",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-02-09T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-10-01T16:22:24",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "USN-3583-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3583-2/",
            },
            {
               name: "USN-3583-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3583-1/",
            },
            {
               name: "1037918",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1037918",
            },
            {
               name: "96754",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/96754",
            },
            {
               name: "DSA-3804",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3804",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://bugzilla.kernel.org/show_bug.cgi?id=192931",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/torvalds/linux/commit/95e91b831f87ac8e1f8ed50c14d709089b4e01b8",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/torvalds/linux/commit/e1d35d4dc7f089e6c9c080d556feedf9c706f0c7",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-5669",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "USN-3583-2",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/3583-2/",
                  },
                  {
                     name: "USN-3583-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/3583-1/",
                  },
                  {
                     name: "1037918",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1037918",
                  },
                  {
                     name: "96754",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/96754",
                  },
                  {
                     name: "DSA-3804",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3804",
                  },
                  {
                     name: "https://bugzilla.kernel.org/show_bug.cgi?id=192931",
                     refsource: "MISC",
                     url: "https://bugzilla.kernel.org/show_bug.cgi?id=192931",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/95e91b831f87ac8e1f8ed50c14d709089b4e01b8",
                     refsource: "MISC",
                     url: "https://github.com/torvalds/linux/commit/95e91b831f87ac8e1f8ed50c14d709089b4e01b8",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/e1d35d4dc7f089e6c9c080d556feedf9c706f0c7",
                     refsource: "MISC",
                     url: "https://github.com/torvalds/linux/commit/e1d35d4dc7f089e6c9c080d556feedf9c706f0c7",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-5669",
      datePublished: "2017-02-24T15:00:00",
      dateReserved: "2017-01-31T00:00:00",
      dateUpdated: "2024-08-05T15:11:47.757Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-7294

Vulnerability from cvelistv5

Published

2017-03-29 01:32

Modified

2024-08-05 15:56

Severity ?

Summary

The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 does not validate addition of certain levels data, which allows local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device.

References

▼	URL	Tags
	https://bugzilla.redhat.com/show_bug.cgi?id=1436798	x_refsource_MISC
	https://access.redhat.com/errata/RHSA-2018:1062	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:0676	vendor-advisory, x_refsource_REDHAT
	https://lists.freedesktop.org/archives/dri-devel/2017-March/137094.html	x_refsource_MISC
	http://www.securityfocus.com/bid/97177	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T15:56:36.465Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1436798",
               },
               {
                  name: "RHSA-2018:1062",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:1062",
               },
               {
                  name: "RHSA-2018:0676",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:0676",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://lists.freedesktop.org/archives/dri-devel/2017-March/137094.html",
               },
               {
                  name: "97177",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/97177",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-03-28T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 does not validate addition of certain levels data, which allows local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-04-11T09:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1436798",
            },
            {
               name: "RHSA-2018:1062",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:1062",
            },
            {
               name: "RHSA-2018:0676",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:0676",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://lists.freedesktop.org/archives/dri-devel/2017-March/137094.html",
            },
            {
               name: "97177",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/97177",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-7294",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 does not validate addition of certain levels data, which allows local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=1436798",
                     refsource: "MISC",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=1436798",
                  },
                  {
                     name: "RHSA-2018:1062",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:1062",
                  },
                  {
                     name: "RHSA-2018:0676",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:0676",
                  },
                  {
                     name: "https://lists.freedesktop.org/archives/dri-devel/2017-March/137094.html",
                     refsource: "MISC",
                     url: "https://lists.freedesktop.org/archives/dri-devel/2017-March/137094.html",
                  },
                  {
                     name: "97177",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/97177",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-7294",
      datePublished: "2017-03-29T01:32:00",
      dateReserved: "2017-03-28T00:00:00",
      dateUpdated: "2024-08-05T15:56:36.465Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-7308

Vulnerability from cvelistv5

Published

2017-03-29 20:00

Modified

2024-08-05 15:56

Severity ?

Summary

The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.

References

▼	URL	Tags
	https://access.redhat.com/errata/RHSA-2017:1308	vendor-advisory, x_refsource_REDHAT
	https://googleprojectzero.blogspot.com/2017/05/exploiting-linux-kernel-via-packet.html	x_refsource_MISC
	https://source.android.com/security/bulletin/2017-07-01	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2018:1854	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/97234	vdb-entry, x_refsource_BID
	https://patchwork.ozlabs.org/patch/744812/	x_refsource_CONFIRM
	https://www.exploit-db.com/exploits/41994/	exploit, x_refsource_EXPLOIT-DB
	https://patchwork.ozlabs.org/patch/744813/	x_refsource_CONFIRM
	https://www.exploit-db.com/exploits/44654/	exploit, x_refsource_EXPLOIT-DB
	https://patchwork.ozlabs.org/patch/744811/	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:1298	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:1297	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T15:56:36.470Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "RHSA-2017:1308",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1308",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://googleprojectzero.blogspot.com/2017/05/exploiting-linux-kernel-via-packet.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://source.android.com/security/bulletin/2017-07-01",
               },
               {
                  name: "RHSA-2018:1854",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:1854",
               },
               {
                  name: "97234",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/97234",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://patchwork.ozlabs.org/patch/744812/",
               },
               {
                  name: "41994",
                  tags: [
                     "exploit",
                     "x_refsource_EXPLOIT-DB",
                     "x_transferred",
                  ],
                  url: "https://www.exploit-db.com/exploits/41994/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://patchwork.ozlabs.org/patch/744813/",
               },
               {
                  name: "44654",
                  tags: [
                     "exploit",
                     "x_refsource_EXPLOIT-DB",
                     "x_transferred",
                  ],
                  url: "https://www.exploit-db.com/exploits/44654/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://patchwork.ozlabs.org/patch/744811/",
               },
               {
                  name: "RHSA-2017:1298",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1298",
               },
               {
                  name: "RHSA-2017:1297",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1297",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-03-29T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-06-19T09:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "RHSA-2017:1308",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1308",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://googleprojectzero.blogspot.com/2017/05/exploiting-linux-kernel-via-packet.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://source.android.com/security/bulletin/2017-07-01",
            },
            {
               name: "RHSA-2018:1854",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:1854",
            },
            {
               name: "97234",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/97234",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://patchwork.ozlabs.org/patch/744812/",
            },
            {
               name: "41994",
               tags: [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
               ],
               url: "https://www.exploit-db.com/exploits/41994/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://patchwork.ozlabs.org/patch/744813/",
            },
            {
               name: "44654",
               tags: [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
               ],
               url: "https://www.exploit-db.com/exploits/44654/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://patchwork.ozlabs.org/patch/744811/",
            },
            {
               name: "RHSA-2017:1298",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1298",
            },
            {
               name: "RHSA-2017:1297",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1297",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-7308",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "RHSA-2017:1308",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1308",
                  },
                  {
                     name: "https://googleprojectzero.blogspot.com/2017/05/exploiting-linux-kernel-via-packet.html",
                     refsource: "MISC",
                     url: "https://googleprojectzero.blogspot.com/2017/05/exploiting-linux-kernel-via-packet.html",
                  },
                  {
                     name: "https://source.android.com/security/bulletin/2017-07-01",
                     refsource: "CONFIRM",
                     url: "https://source.android.com/security/bulletin/2017-07-01",
                  },
                  {
                     name: "RHSA-2018:1854",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:1854",
                  },
                  {
                     name: "97234",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/97234",
                  },
                  {
                     name: "https://patchwork.ozlabs.org/patch/744812/",
                     refsource: "CONFIRM",
                     url: "https://patchwork.ozlabs.org/patch/744812/",
                  },
                  {
                     name: "41994",
                     refsource: "EXPLOIT-DB",
                     url: "https://www.exploit-db.com/exploits/41994/",
                  },
                  {
                     name: "https://patchwork.ozlabs.org/patch/744813/",
                     refsource: "CONFIRM",
                     url: "https://patchwork.ozlabs.org/patch/744813/",
                  },
                  {
                     name: "44654",
                     refsource: "EXPLOIT-DB",
                     url: "https://www.exploit-db.com/exploits/44654/",
                  },
                  {
                     name: "https://patchwork.ozlabs.org/patch/744811/",
                     refsource: "CONFIRM",
                     url: "https://patchwork.ozlabs.org/patch/744811/",
                  },
                  {
                     name: "RHSA-2017:1298",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1298",
                  },
                  {
                     name: "RHSA-2017:1297",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1297",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-7308",
      datePublished: "2017-03-29T20:00:00",
      dateReserved: "2017-03-29T00:00:00",
      dateUpdated: "2024-08-05T15:56:36.470Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-5986

Vulnerability from cvelistv5

Published

2017-02-18 21:40

Modified

2024-08-05 15:18

Severity ?

Summary

Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state.

References

▼	URL	Tags
	https://access.redhat.com/errata/RHSA-2017:1308	vendor-advisory, x_refsource_REDHAT
	https://github.com/torvalds/linux/commit/2dcab598484185dea7ec22219c76dcdd59e3cb90	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2017/02/14/6	mailing-list, x_refsource_MLIST
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2dcab598484185dea7ec22219c76dcdd59e3cb90	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=1420276	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/96222	vdb-entry, x_refsource_BID
	http://www.debian.org/security/2017/dsa-3804	vendor-advisory, x_refsource_DEBIAN
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.11	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T15:18:49.117Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "RHSA-2017:1308",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1308",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/2dcab598484185dea7ec22219c76dcdd59e3cb90",
               },
               {
                  name: "[oss-security] 20170214 Re: Linux kernel: Reachable BUG_ON from userspace in sctp_wait_for_sndbuf()",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2017/02/14/6",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2dcab598484185dea7ec22219c76dcdd59e3cb90",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1420276",
               },
               {
                  name: "96222",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/96222",
               },
               {
                  name: "DSA-3804",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3804",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.11",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-02-14T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-01-04T19:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "RHSA-2017:1308",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1308",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/2dcab598484185dea7ec22219c76dcdd59e3cb90",
            },
            {
               name: "[oss-security] 20170214 Re: Linux kernel: Reachable BUG_ON from userspace in sctp_wait_for_sndbuf()",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2017/02/14/6",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2dcab598484185dea7ec22219c76dcdd59e3cb90",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1420276",
            },
            {
               name: "96222",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/96222",
            },
            {
               name: "DSA-3804",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3804",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.11",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-5986",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "RHSA-2017:1308",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1308",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/2dcab598484185dea7ec22219c76dcdd59e3cb90",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/2dcab598484185dea7ec22219c76dcdd59e3cb90",
                  },
                  {
                     name: "[oss-security] 20170214 Re: Linux kernel: Reachable BUG_ON from userspace in sctp_wait_for_sndbuf()",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2017/02/14/6",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2dcab598484185dea7ec22219c76dcdd59e3cb90",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2dcab598484185dea7ec22219c76dcdd59e3cb90",
                  },
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=1420276",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=1420276",
                  },
                  {
                     name: "96222",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/96222",
                  },
                  {
                     name: "DSA-3804",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3804",
                  },
                  {
                     name: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.11",
                     refsource: "CONFIRM",
                     url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.11",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-5986",
      datePublished: "2017-02-18T21:40:00",
      dateReserved: "2017-02-14T00:00:00",
      dateUpdated: "2024-08-05T15:18:49.117Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-11473

Vulnerability from cvelistv5

Published

2017-07-20 04:00

Modified

2024-08-05 18:12

Severity ?

Summary

Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel through 3.2 allows local users to gain privileges via a crafted ACPI table.

References

▼	URL	Tags
	https://usn.ubuntu.com/3754-1/	vendor-advisory, x_refsource_UBUNTU
	https://source.android.com/security/bulletin/pixel/2018-01-01	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2018:0654	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/100010	vdb-entry, x_refsource_BID
	https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=dad5ab0db8deac535d03e3fe3d8f2892173fa6a4	x_refsource_MISC
	https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=70ac67826602edf8c0ccb413e5ba7eacf597a60c	x_refsource_MISC
	https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=96301209473afd3f2f274b91cb7082d161b9be65	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T18:12:40.160Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "USN-3754-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3754-1/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://source.android.com/security/bulletin/pixel/2018-01-01",
               },
               {
                  name: "RHSA-2018:0654",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:0654",
               },
               {
                  name: "100010",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/100010",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=dad5ab0db8deac535d03e3fe3d8f2892173fa6a4",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=70ac67826602edf8c0ccb413e5ba7eacf597a60c",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=96301209473afd3f2f274b91cb7082d161b9be65",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-07-19T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel through 3.2 allows local users to gain privileges via a crafted ACPI table.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-01-05T20:00:32",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "USN-3754-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3754-1/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://source.android.com/security/bulletin/pixel/2018-01-01",
            },
            {
               name: "RHSA-2018:0654",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:0654",
            },
            {
               name: "100010",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/100010",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=dad5ab0db8deac535d03e3fe3d8f2892173fa6a4",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=70ac67826602edf8c0ccb413e5ba7eacf597a60c",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=96301209473afd3f2f274b91cb7082d161b9be65",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-11473",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel through 3.2 allows local users to gain privileges via a crafted ACPI table.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "USN-3754-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/3754-1/",
                  },
                  {
                     name: "https://source.android.com/security/bulletin/pixel/2018-01-01",
                     refsource: "CONFIRM",
                     url: "https://source.android.com/security/bulletin/pixel/2018-01-01",
                  },
                  {
                     name: "RHSA-2018:0654",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:0654",
                  },
                  {
                     name: "100010",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/100010",
                  },
                  {
                     name: "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=dad5ab0db8deac535d03e3fe3d8f2892173fa6a4",
                     refsource: "MISC",
                     url: "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=dad5ab0db8deac535d03e3fe3d8f2892173fa6a4",
                  },
                  {
                     name: "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=70ac67826602edf8c0ccb413e5ba7eacf597a60c",
                     refsource: "MISC",
                     url: "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=70ac67826602edf8c0ccb413e5ba7eacf597a60c",
                  },
                  {
                     name: "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=96301209473afd3f2f274b91cb7082d161b9be65",
                     refsource: "CONFIRM",
                     url: "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=96301209473afd3f2f274b91cb7082d161b9be65",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-11473",
      datePublished: "2017-07-20T04:00:00",
      dateReserved: "2017-07-19T00:00:00",
      dateUpdated: "2024-08-05T18:12:40.160Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-2188

Vulnerability from cvelistv5

Published

2016-05-02 10:00

Modified

2024-08-05 23:24

Severity ?

Summary

The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

References

▼	URL	Tags
	http://www.ubuntu.com/usn/USN-2971-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html	vendor-advisory, x_refsource_SUSE
	https://www.exploit-db.com/exploits/39556/	exploit, x_refsource_EXPLOIT-DB
	http://seclists.org/bugtraq/2016/Mar/87	mailing-list, x_refsource_BUGTRAQ
	https://github.com/torvalds/linux/commit/4ec0ef3a82125efc36173062a50624550a900ae0	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2970-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2969-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2968-1	vendor-advisory, x_refsource_UBUNTU
	https://bugzilla.redhat.com/show_bug.cgi?id=1317018	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2971-3	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2997-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2971-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2996-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2968-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	vendor-advisory, x_refsource_SUSE
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4ec0ef3a82125efc36173062a50624550a900ae0	x_refsource_CONFIRM
	http://seclists.org/bugtraq/2016/Mar/118	mailing-list, x_refsource_BUGTRAQ

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T23:24:48.299Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "USN-2971-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2971-2",
               },
               {
                  name: "SUSE-SU-2016:1690",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html",
               },
               {
                  name: "39556",
                  tags: [
                     "exploit",
                     "x_refsource_EXPLOIT-DB",
                     "x_transferred",
                  ],
                  url: "https://www.exploit-db.com/exploits/39556/",
               },
               {
                  name: "20160310 oss-2016-15: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (iowarrior driver)",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://seclists.org/bugtraq/2016/Mar/87",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/4ec0ef3a82125efc36173062a50624550a900ae0",
               },
               {
                  name: "SUSE-SU-2016:1696",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html",
               },
               {
                  name: "USN-2970-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2970-1",
               },
               {
                  name: "USN-2969-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2969-1",
               },
               {
                  name: "USN-2968-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2968-1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1317018",
               },
               {
                  name: "USN-2971-3",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2971-3",
               },
               {
                  name: "USN-2997-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2997-1",
               },
               {
                  name: "SUSE-SU-2016:1764",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html",
               },
               {
                  name: "USN-2971-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2971-1",
               },
               {
                  name: "SUSE-SU-2016:1707",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html",
               },
               {
                  name: "USN-2996-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2996-1",
               },
               {
                  name: "SUSE-SU-2016:1672",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html",
               },
               {
                  name: "USN-2968-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2968-2",
               },
               {
                  name: "openSUSE-SU-2016:1382",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html",
               },
               {
                  name: "SUSE-SU-2016:2074",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4ec0ef3a82125efc36173062a50624550a900ae0",
               },
               {
                  name: "20160315 Re: oss-2016-15: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (iowarrior driver)",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://seclists.org/bugtraq/2016/Mar/118",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-03-10T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-09-07T09:57:01",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "USN-2971-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2971-2",
            },
            {
               name: "SUSE-SU-2016:1690",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html",
            },
            {
               name: "39556",
               tags: [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
               ],
               url: "https://www.exploit-db.com/exploits/39556/",
            },
            {
               name: "20160310 oss-2016-15: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (iowarrior driver)",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://seclists.org/bugtraq/2016/Mar/87",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/4ec0ef3a82125efc36173062a50624550a900ae0",
            },
            {
               name: "SUSE-SU-2016:1696",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html",
            },
            {
               name: "USN-2970-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2970-1",
            },
            {
               name: "USN-2969-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2969-1",
            },
            {
               name: "USN-2968-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2968-1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1317018",
            },
            {
               name: "USN-2971-3",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2971-3",
            },
            {
               name: "USN-2997-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2997-1",
            },
            {
               name: "SUSE-SU-2016:1764",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html",
            },
            {
               name: "USN-2971-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2971-1",
            },
            {
               name: "SUSE-SU-2016:1707",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html",
            },
            {
               name: "USN-2996-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2996-1",
            },
            {
               name: "SUSE-SU-2016:1672",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html",
            },
            {
               name: "USN-2968-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2968-2",
            },
            {
               name: "openSUSE-SU-2016:1382",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html",
            },
            {
               name: "SUSE-SU-2016:2074",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4ec0ef3a82125efc36173062a50624550a900ae0",
            },
            {
               name: "20160315 Re: oss-2016-15: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (iowarrior driver)",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://seclists.org/bugtraq/2016/Mar/118",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2016-2188",
      datePublished: "2016-05-02T10:00:00",
      dateReserved: "2016-01-29T00:00:00",
      dateUpdated: "2024-08-05T23:24:48.299Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-2636

Vulnerability from cvelistv5

Published

2017-03-07 22:00

Modified

2024-08-05 14:02

Severity ?

Summary

Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.

References

▼	URL	Tags
	https://access.redhat.com/errata/RHSA-2017:0892	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/96732	vdb-entry, x_refsource_BID
	http://www.securitytracker.com/id/1037963	vdb-entry, x_refsource_SECTRACK
	https://access.redhat.com/errata/RHSA-2017:0932	vendor-advisory, x_refsource_REDHAT
	http://www.openwall.com/lists/oss-security/2017/03/07/6	mailing-list, x_refsource_MLIST
	https://bugzilla.redhat.com/show_bug.cgi?id=1428319	x_refsource_CONFIRM
	https://a13xp0p0v.github.io/2017/03/24/CVE-2017-2636.html	x_refsource_MISC
	https://access.redhat.com/errata/RHSA-2017:1125	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:0933	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:1232	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:0931	vendor-advisory, x_refsource_REDHAT
	http://www.debian.org/security/2017/dsa-3804	vendor-advisory, x_refsource_DEBIAN
	https://access.redhat.com/errata/RHSA-2017:1233	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:1488	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:0986	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:1126	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T14:02:06.961Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "RHSA-2017:0892",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:0892",
               },
               {
                  name: "96732",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/96732",
               },
               {
                  name: "1037963",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1037963",
               },
               {
                  name: "RHSA-2017:0932",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:0932",
               },
               {
                  name: "[oss-security] 20170307 Linux kernel: CVE-2017-2636: local privilege escalation flaw in n_hdlc",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2017/03/07/6",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1428319",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://a13xp0p0v.github.io/2017/03/24/CVE-2017-2636.html",
               },
               {
                  name: "RHSA-2017:1125",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1125",
               },
               {
                  name: "RHSA-2017:0933",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:0933",
               },
               {
                  name: "RHSA-2017:1232",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1232",
               },
               {
                  name: "RHSA-2017:0931",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:0931",
               },
               {
                  name: "DSA-3804",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3804",
               },
               {
                  name: "RHSA-2017:1233",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1233",
               },
               {
                  name: "RHSA-2017:1488",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1488",
               },
               {
                  name: "RHSA-2017:0986",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:0986",
               },
               {
                  name: "RHSA-2017:1126",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1126",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-02-28T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-01-04T19:57:01",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2017:0892",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:0892",
            },
            {
               name: "96732",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/96732",
            },
            {
               name: "1037963",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1037963",
            },
            {
               name: "RHSA-2017:0932",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:0932",
            },
            {
               name: "[oss-security] 20170307 Linux kernel: CVE-2017-2636: local privilege escalation flaw in n_hdlc",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2017/03/07/6",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1428319",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://a13xp0p0v.github.io/2017/03/24/CVE-2017-2636.html",
            },
            {
               name: "RHSA-2017:1125",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1125",
            },
            {
               name: "RHSA-2017:0933",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:0933",
            },
            {
               name: "RHSA-2017:1232",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1232",
            },
            {
               name: "RHSA-2017:0931",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:0931",
            },
            {
               name: "DSA-3804",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3804",
            },
            {
               name: "RHSA-2017:1233",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1233",
            },
            {
               name: "RHSA-2017:1488",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1488",
            },
            {
               name: "RHSA-2017:0986",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:0986",
            },
            {
               name: "RHSA-2017:1126",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1126",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2017-2636",
      datePublished: "2017-03-07T22:00:00",
      dateReserved: "2016-12-01T00:00:00",
      dateUpdated: "2024-08-05T14:02:06.961Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-2647

Vulnerability from cvelistv5

Published

2017-03-31 04:26

Modified

2024-08-05 14:02

Severity ?

Summary

The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c.

References

▼	URL	Tags
	https://access.redhat.com/errata/RHSA-2017:2437	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:2444	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/97258	vdb-entry, x_refsource_BID
	https://github.com/torvalds/linux/commit/c06cfb08b88dfbe13be44a69ae2fdc3a7c902d81	x_refsource_CONFIRM
	https://usn.ubuntu.com/3849-1/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3849-2/	vendor-advisory, x_refsource_UBUNTU
	https://access.redhat.com/errata/RHSA-2017:2077	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:1842	vendor-advisory, x_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=1428353	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c06cfb08b88dfbe13be44a69ae2fdc3a7c902d81	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T14:02:07.104Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "RHSA-2017:2437",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2437",
               },
               {
                  name: "RHSA-2017:2444",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2444",
               },
               {
                  name: "97258",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/97258",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/c06cfb08b88dfbe13be44a69ae2fdc3a7c902d81",
               },
               {
                  name: "USN-3849-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3849-1/",
               },
               {
                  name: "USN-3849-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3849-2/",
               },
               {
                  name: "RHSA-2017:2077",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2077",
               },
               {
                  name: "RHSA-2017:1842",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1842",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1428353",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c06cfb08b88dfbe13be44a69ae2fdc3a7c902d81",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-03-21T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2019-01-15T10:57:01",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2017:2437",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2437",
            },
            {
               name: "RHSA-2017:2444",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2444",
            },
            {
               name: "97258",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/97258",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/c06cfb08b88dfbe13be44a69ae2fdc3a7c902d81",
            },
            {
               name: "USN-3849-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3849-1/",
            },
            {
               name: "USN-3849-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3849-2/",
            },
            {
               name: "RHSA-2017:2077",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2077",
            },
            {
               name: "RHSA-2017:1842",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1842",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1428353",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c06cfb08b88dfbe13be44a69ae2fdc3a7c902d81",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2017-2647",
      datePublished: "2017-03-31T04:26:00",
      dateReserved: "2016-12-01T00:00:00",
      dateUpdated: "2024-08-05T14:02:07.104Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-7117

Vulnerability from cvelistv5

Published

2016-10-10 10:00

Modified

2024-08-06 01:50

Severity ?

Summary

Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.

References

▼	URL	Tags
	http://rhn.redhat.com/errata/RHSA-2017-0216.html	vendor-advisory, x_refsource_REDHAT
	https://security-tracker.debian.org/tracker/CVE-2016-7117	x_refsource_CONFIRM
	http://source.android.com/security/bulletin/2016-10-01.html	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2017-0086.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2016-2962.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2017-0113.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2017-0091.html	vendor-advisory, x_refsource_REDHAT
	https://bugzilla.novell.com/show_bug.cgi?id=1003077	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=1382268	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2017-0031.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2017-0065.html	vendor-advisory, x_refsource_REDHAT
	https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7117.html	x_refsource_CONFIRM
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.2	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/93304	vdb-entry, x_refsource_BID
	https://github.com/torvalds/linux/commit/34b88a68f26a75e4fded796f1a49c40f82234b7d	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2017-0270.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2017-0217.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2017-0036.html	vendor-advisory, x_refsource_REDHAT
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34b88a68f26a75e4fded796f1a49c40f82234b7d	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2017-0215.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2017-0196.html	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T01:50:47.546Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "RHSA-2017:0216",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0216.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security-tracker.debian.org/tracker/CVE-2016-7117",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://source.android.com/security/bulletin/2016-10-01.html",
               },
               {
                  name: "RHSA-2017:0086",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0086.html",
               },
               {
                  name: "RHSA-2016:2962",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-2962.html",
               },
               {
                  name: "RHSA-2017:0113",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0113.html",
               },
               {
                  name: "RHSA-2017:0091",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0091.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.novell.com/show_bug.cgi?id=1003077",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1382268",
               },
               {
                  name: "RHSA-2017:0031",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0031.html",
               },
               {
                  name: "RHSA-2017:0065",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0065.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7117.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.2",
               },
               {
                  name: "93304",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/93304",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/34b88a68f26a75e4fded796f1a49c40f82234b7d",
               },
               {
                  name: "RHSA-2017:0270",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0270.html",
               },
               {
                  name: "RHSA-2017:0217",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0217.html",
               },
               {
                  name: "RHSA-2017:0036",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0036.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34b88a68f26a75e4fded796f1a49c40f82234b7d",
               },
               {
                  name: "RHSA-2017:0215",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0215.html",
               },
               {
                  name: "RHSA-2017:0196",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0196.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-03-14T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-01-04T19:57:01",
            orgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
            shortName: "google_android",
         },
         references: [
            {
               name: "RHSA-2017:0216",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0216.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security-tracker.debian.org/tracker/CVE-2016-7117",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://source.android.com/security/bulletin/2016-10-01.html",
            },
            {
               name: "RHSA-2017:0086",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0086.html",
            },
            {
               name: "RHSA-2016:2962",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-2962.html",
            },
            {
               name: "RHSA-2017:0113",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0113.html",
            },
            {
               name: "RHSA-2017:0091",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0091.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.novell.com/show_bug.cgi?id=1003077",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1382268",
            },
            {
               name: "RHSA-2017:0031",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0031.html",
            },
            {
               name: "RHSA-2017:0065",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0065.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7117.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.2",
            },
            {
               name: "93304",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/93304",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/34b88a68f26a75e4fded796f1a49c40f82234b7d",
            },
            {
               name: "RHSA-2017:0270",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0270.html",
            },
            {
               name: "RHSA-2017:0217",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0217.html",
            },
            {
               name: "RHSA-2017:0036",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0036.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34b88a68f26a75e4fded796f1a49c40f82234b7d",
            },
            {
               name: "RHSA-2017:0215",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0215.html",
            },
            {
               name: "RHSA-2017:0196",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0196.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@android.com",
               ID: "CVE-2016-7117",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "RHSA-2017:0216",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0216.html",
                  },
                  {
                     name: "https://security-tracker.debian.org/tracker/CVE-2016-7117",
                     refsource: "CONFIRM",
                     url: "https://security-tracker.debian.org/tracker/CVE-2016-7117",
                  },
                  {
                     name: "http://source.android.com/security/bulletin/2016-10-01.html",
                     refsource: "CONFIRM",
                     url: "http://source.android.com/security/bulletin/2016-10-01.html",
                  },
                  {
                     name: "RHSA-2017:0086",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0086.html",
                  },
                  {
                     name: "RHSA-2016:2962",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2016-2962.html",
                  },
                  {
                     name: "RHSA-2017:0113",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0113.html",
                  },
                  {
                     name: "RHSA-2017:0091",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0091.html",
                  },
                  {
                     name: "https://bugzilla.novell.com/show_bug.cgi?id=1003077",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.novell.com/show_bug.cgi?id=1003077",
                  },
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=1382268",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=1382268",
                  },
                  {
                     name: "RHSA-2017:0031",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0031.html",
                  },
                  {
                     name: "RHSA-2017:0065",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0065.html",
                  },
                  {
                     name: "https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7117.html",
                     refsource: "CONFIRM",
                     url: "https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7117.html",
                  },
                  {
                     name: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.2",
                     refsource: "CONFIRM",
                     url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.2",
                  },
                  {
                     name: "93304",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/93304",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/34b88a68f26a75e4fded796f1a49c40f82234b7d",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/34b88a68f26a75e4fded796f1a49c40f82234b7d",
                  },
                  {
                     name: "RHSA-2017:0270",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0270.html",
                  },
                  {
                     name: "RHSA-2017:0217",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0217.html",
                  },
                  {
                     name: "RHSA-2017:0036",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0036.html",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34b88a68f26a75e4fded796f1a49c40f82234b7d",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34b88a68f26a75e4fded796f1a49c40f82234b7d",
                  },
                  {
                     name: "RHSA-2017:0215",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0215.html",
                  },
                  {
                     name: "RHSA-2017:0196",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0196.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
      assignerShortName: "google_android",
      cveId: "CVE-2016-7117",
      datePublished: "2016-10-10T10:00:00",
      dateReserved: "2016-08-30T00:00:00",
      dateUpdated: "2024-08-06T01:50:47.546Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-5970

Vulnerability from cvelistv5

Published

2017-02-14 06:30

Modified

2024-08-05 15:18

Severity ?

Summary

The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.

References

▼	URL	Tags
	https://patchwork.ozlabs.org/patch/724136/	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34b2cef20f19c87999fff3da4071e66937db9644	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2017/02/12/3	mailing-list, x_refsource_MLIST
	https://source.android.com/security/bulletin/2017-07-01	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:2669	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/96233	vdb-entry, x_refsource_BID
	https://access.redhat.com/errata/RHSA-2017:2077	vendor-advisory, x_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=1421638	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:1842	vendor-advisory, x_refsource_REDHAT
	https://github.com/torvalds/linux/commit/34b2cef20f19c87999fff3da4071e66937db9644	x_refsource_CONFIRM
	http://www.debian.org/security/2017/dsa-3791	vendor-advisory, x_refsource_DEBIAN

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T15:18:48.868Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://patchwork.ozlabs.org/patch/724136/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34b2cef20f19c87999fff3da4071e66937db9644",
               },
               {
                  name: "[oss-security] 20170212 Fwd: [scr293903] Linux kernel - upstream",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2017/02/12/3",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://source.android.com/security/bulletin/2017-07-01",
               },
               {
                  name: "RHSA-2017:2669",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2669",
               },
               {
                  name: "96233",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/96233",
               },
               {
                  name: "RHSA-2017:2077",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2077",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1421638",
               },
               {
                  name: "RHSA-2017:1842",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1842",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/34b2cef20f19c87999fff3da4071e66937db9644",
               },
               {
                  name: "DSA-3791",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3791",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-02-04T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-01-04T19:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://patchwork.ozlabs.org/patch/724136/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34b2cef20f19c87999fff3da4071e66937db9644",
            },
            {
               name: "[oss-security] 20170212 Fwd: [scr293903] Linux kernel - upstream",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2017/02/12/3",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://source.android.com/security/bulletin/2017-07-01",
            },
            {
               name: "RHSA-2017:2669",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2669",
            },
            {
               name: "96233",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/96233",
            },
            {
               name: "RHSA-2017:2077",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2077",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1421638",
            },
            {
               name: "RHSA-2017:1842",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1842",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/34b2cef20f19c87999fff3da4071e66937db9644",
            },
            {
               name: "DSA-3791",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3791",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-5970",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://patchwork.ozlabs.org/patch/724136/",
                     refsource: "CONFIRM",
                     url: "https://patchwork.ozlabs.org/patch/724136/",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34b2cef20f19c87999fff3da4071e66937db9644",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34b2cef20f19c87999fff3da4071e66937db9644",
                  },
                  {
                     name: "[oss-security] 20170212 Fwd: [scr293903] Linux kernel - upstream",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2017/02/12/3",
                  },
                  {
                     name: "https://source.android.com/security/bulletin/2017-07-01",
                     refsource: "CONFIRM",
                     url: "https://source.android.com/security/bulletin/2017-07-01",
                  },
                  {
                     name: "RHSA-2017:2669",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2669",
                  },
                  {
                     name: "96233",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/96233",
                  },
                  {
                     name: "RHSA-2017:2077",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2077",
                  },
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=1421638",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=1421638",
                  },
                  {
                     name: "RHSA-2017:1842",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1842",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/34b2cef20f19c87999fff3da4071e66937db9644",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/34b2cef20f19c87999fff3da4071e66937db9644",
                  },
                  {
                     name: "DSA-3791",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3791",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-5970",
      datePublished: "2017-02-14T06:30:00",
      dateReserved: "2017-02-12T00:00:00",
      dateUpdated: "2024-08-05T15:18:48.868Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-7187

Vulnerability from cvelistv5

Published

2017-03-20 14:00

Modified

2024-08-05 15:56

Severity ?

Summary

The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function.

References

▼	URL	Tags
	https://source.android.com/security/bulletin/pixel/2017-10-01	x_refsource_CONFIRM
	https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?h=4.11/scsi-fixes&id=bf33f87dd04c371ea33feb821b60d63d754e3124	x_refsource_MISC
	https://access.redhat.com/errata/RHSA-2017:2669	vendor-advisory, x_refsource_REDHAT
	http://www.securitytracker.com/id/1038086	vdb-entry, x_refsource_SECTRACK
	https://access.redhat.com/errata/RHSA-2017:2077	vendor-advisory, x_refsource_REDHAT
	https://gist.github.com/dvyukov/48ad14e84de45b0be92b7f0eda20ff1b	x_refsource_MISC
	https://access.redhat.com/errata/RHSA-2017:1842	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/96989	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T15:56:36.142Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://source.android.com/security/bulletin/pixel/2017-10-01",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?h=4.11/scsi-fixes&id=bf33f87dd04c371ea33feb821b60d63d754e3124",
               },
               {
                  name: "RHSA-2017:2669",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2669",
               },
               {
                  name: "1038086",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1038086",
               },
               {
                  name: "RHSA-2017:2077",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2077",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://gist.github.com/dvyukov/48ad14e84de45b0be92b7f0eda20ff1b",
               },
               {
                  name: "RHSA-2017:1842",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1842",
               },
               {
                  name: "96989",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/96989",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-03-20T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-01-04T19:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://source.android.com/security/bulletin/pixel/2017-10-01",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?h=4.11/scsi-fixes&id=bf33f87dd04c371ea33feb821b60d63d754e3124",
            },
            {
               name: "RHSA-2017:2669",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2669",
            },
            {
               name: "1038086",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1038086",
            },
            {
               name: "RHSA-2017:2077",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2077",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://gist.github.com/dvyukov/48ad14e84de45b0be92b7f0eda20ff1b",
            },
            {
               name: "RHSA-2017:1842",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1842",
            },
            {
               name: "96989",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/96989",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-7187",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://source.android.com/security/bulletin/pixel/2017-10-01",
                     refsource: "CONFIRM",
                     url: "https://source.android.com/security/bulletin/pixel/2017-10-01",
                  },
                  {
                     name: "https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?h=4.11/scsi-fixes&id=bf33f87dd04c371ea33feb821b60d63d754e3124",
                     refsource: "MISC",
                     url: "https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?h=4.11/scsi-fixes&id=bf33f87dd04c371ea33feb821b60d63d754e3124",
                  },
                  {
                     name: "RHSA-2017:2669",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2669",
                  },
                  {
                     name: "1038086",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1038086",
                  },
                  {
                     name: "RHSA-2017:2077",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2077",
                  },
                  {
                     name: "https://gist.github.com/dvyukov/48ad14e84de45b0be92b7f0eda20ff1b",
                     refsource: "MISC",
                     url: "https://gist.github.com/dvyukov/48ad14e84de45b0be92b7f0eda20ff1b",
                  },
                  {
                     name: "RHSA-2017:1842",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1842",
                  },
                  {
                     name: "96989",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/96989",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-7187",
      datePublished: "2017-03-20T14:00:00",
      dateReserved: "2017-03-20T00:00:00",
      dateUpdated: "2024-08-05T15:56:36.142Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-10200

Vulnerability from cvelistv5

Published

2017-03-07 21:00

Modified

2024-08-06 03:14

Severity ?

Summary

Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c.

References

▼	URL	Tags
	https://github.com/torvalds/linux/commit/32c231164b762dddefa13af5a0101032c70b50ef	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1037965	vdb-entry, x_refsource_SECTRACK
	https://access.redhat.com/errata/RHSA-2017:2437	vendor-advisory, x_refsource_REDHAT
	http://www.securitytracker.com/id/1037968	vdb-entry, x_refsource_SECTRACK
	https://access.redhat.com/errata/RHSA-2017:2444	vendor-advisory, x_refsource_REDHAT
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=32c231164b762dddefa13af5a0101032c70b50ef	x_refsource_CONFIRM
	http://source.android.com/security/bulletin/2017-03-01.html	x_refsource_CONFIRM
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/101783	vdb-entry, x_refsource_BID
	https://access.redhat.com/errata/RHSA-2017:2077	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:1842	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T03:14:42.877Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/32c231164b762dddefa13af5a0101032c70b50ef",
               },
               {
                  name: "1037965",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1037965",
               },
               {
                  name: "RHSA-2017:2437",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2437",
               },
               {
                  name: "1037968",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1037968",
               },
               {
                  name: "RHSA-2017:2444",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2444",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=32c231164b762dddefa13af5a0101032c70b50ef",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://source.android.com/security/bulletin/2017-03-01.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14",
               },
               {
                  name: "101783",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/101783",
               },
               {
                  name: "RHSA-2017:2077",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2077",
               },
               {
                  name: "RHSA-2017:1842",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1842",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-11-18T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-01-04T19:57:01",
            orgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
            shortName: "google_android",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/32c231164b762dddefa13af5a0101032c70b50ef",
            },
            {
               name: "1037965",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1037965",
            },
            {
               name: "RHSA-2017:2437",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2437",
            },
            {
               name: "1037968",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1037968",
            },
            {
               name: "RHSA-2017:2444",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2444",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=32c231164b762dddefa13af5a0101032c70b50ef",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://source.android.com/security/bulletin/2017-03-01.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14",
            },
            {
               name: "101783",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/101783",
            },
            {
               name: "RHSA-2017:2077",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2077",
            },
            {
               name: "RHSA-2017:1842",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1842",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@android.com",
               ID: "CVE-2016-10200",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/torvalds/linux/commit/32c231164b762dddefa13af5a0101032c70b50ef",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/32c231164b762dddefa13af5a0101032c70b50ef",
                  },
                  {
                     name: "1037965",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1037965",
                  },
                  {
                     name: "RHSA-2017:2437",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2437",
                  },
                  {
                     name: "1037968",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1037968",
                  },
                  {
                     name: "RHSA-2017:2444",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2444",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=32c231164b762dddefa13af5a0101032c70b50ef",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=32c231164b762dddefa13af5a0101032c70b50ef",
                  },
                  {
                     name: "http://source.android.com/security/bulletin/2017-03-01.html",
                     refsource: "CONFIRM",
                     url: "http://source.android.com/security/bulletin/2017-03-01.html",
                  },
                  {
                     name: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14",
                     refsource: "CONFIRM",
                     url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14",
                  },
                  {
                     name: "101783",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/101783",
                  },
                  {
                     name: "RHSA-2017:2077",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2077",
                  },
                  {
                     name: "RHSA-2017:1842",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1842",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
      assignerShortName: "google_android",
      cveId: "CVE-2016-10200",
      datePublished: "2017-03-07T21:00:00",
      dateReserved: "2017-02-04T00:00:00",
      dateUpdated: "2024-08-06T03:14:42.877Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-6353

Vulnerability from cvelistv5

Published

2017-03-01 20:00

Modified

2024-08-05 15:25

Severity ?

Summary

net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986.

References

▼	URL	Tags
	https://github.com/torvalds/linux/commit/dfcb9f4f99f1e9a49e43398a7bfbf56927544af1	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dfcb9f4f99f1e9a49e43398a7bfbf56927544af1	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/96473	vdb-entry, x_refsource_BID
	http://www.openwall.com/lists/oss-security/2017/02/27/2	mailing-list, x_refsource_MLIST
	http://www.debian.org/security/2017/dsa-3804	vendor-advisory, x_refsource_DEBIAN

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T15:25:49.140Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/dfcb9f4f99f1e9a49e43398a7bfbf56927544af1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dfcb9f4f99f1e9a49e43398a7bfbf56927544af1",
               },
               {
                  name: "96473",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/96473",
               },
               {
                  name: "[oss-security] 20170227 Linux: CVE-2017-6353: sctp: deny peeloff operation on asocs with threads sleeping on it",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2017/02/27/2",
               },
               {
                  name: "DSA-3804",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3804",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-02-27T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application.  NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-11-03T18:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/dfcb9f4f99f1e9a49e43398a7bfbf56927544af1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dfcb9f4f99f1e9a49e43398a7bfbf56927544af1",
            },
            {
               name: "96473",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/96473",
            },
            {
               name: "[oss-security] 20170227 Linux: CVE-2017-6353: sctp: deny peeloff operation on asocs with threads sleeping on it",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2017/02/27/2",
            },
            {
               name: "DSA-3804",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3804",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-6353",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application.  NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/torvalds/linux/commit/dfcb9f4f99f1e9a49e43398a7bfbf56927544af1",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/dfcb9f4f99f1e9a49e43398a7bfbf56927544af1",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dfcb9f4f99f1e9a49e43398a7bfbf56927544af1",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dfcb9f4f99f1e9a49e43398a7bfbf56927544af1",
                  },
                  {
                     name: "96473",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/96473",
                  },
                  {
                     name: "[oss-security] 20170227 Linux: CVE-2017-6353: sctp: deny peeloff operation on asocs with threads sleeping on it",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2017/02/27/2",
                  },
                  {
                     name: "DSA-3804",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3804",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-6353",
      datePublished: "2017-03-01T20:00:00",
      dateReserved: "2017-02-26T00:00:00",
      dateUpdated: "2024-08-05T15:25:49.140Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2015-8970

Vulnerability from cvelistv5

Published

2016-11-28 03:01

Modified

2024-08-06 08:36

Severity ?

Summary

crypto/algif_skcipher.c in the Linux kernel before 4.4.2 does not verify that a setkey operation has been performed on an AF_ALG socket before an accept system call is processed, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted application that does not supply a key, related to the lrw_crypt function in crypto/lrw.c.

References

▼	URL	Tags
	https://access.redhat.com/errata/RHSA-2017:2437	vendor-advisory, x_refsource_REDHAT
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.2	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dd504589577d8e8e70f51f997ad487a4cb6c026f	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:2444	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:2077	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:1842	vendor-advisory, x_refsource_REDHAT
	https://github.com/torvalds/linux/commit/dd504589577d8e8e70f51f997ad487a4cb6c026f	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2016/11/04/3	mailing-list, x_refsource_MLIST
	https://bugzilla.redhat.com/show_bug.cgi?id=1386286	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/94217	vdb-entry, x_refsource_BID
	https://groups.google.com/forum/#%21msg/syzkaller/frb2XrB5aWk/xCXzkIBcDAAJ	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T08:36:30.422Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "RHSA-2017:2437",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2437",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.2",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dd504589577d8e8e70f51f997ad487a4cb6c026f",
               },
               {
                  name: "RHSA-2017:2444",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2444",
               },
               {
                  name: "RHSA-2017:2077",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2077",
               },
               {
                  name: "RHSA-2017:1842",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1842",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/dd504589577d8e8e70f51f997ad487a4cb6c026f",
               },
               {
                  name: "[oss-security] 20161104 Re: CVE request -- linux kernel: crypto: GPF in lrw_crypt caused by null-deref",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/11/04/3",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1386286",
               },
               {
                  name: "94217",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/94217",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://groups.google.com/forum/#%21msg/syzkaller/frb2XrB5aWk/xCXzkIBcDAAJ",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-02-17T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "crypto/algif_skcipher.c in the Linux kernel before 4.4.2 does not verify that a setkey operation has been performed on an AF_ALG socket before an accept system call is processed, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted application that does not supply a key, related to the lrw_crypt function in crypto/lrw.c.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-01-04T19:57:01",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2017:2437",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2437",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.2",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dd504589577d8e8e70f51f997ad487a4cb6c026f",
            },
            {
               name: "RHSA-2017:2444",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2444",
            },
            {
               name: "RHSA-2017:2077",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2077",
            },
            {
               name: "RHSA-2017:1842",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1842",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/dd504589577d8e8e70f51f997ad487a4cb6c026f",
            },
            {
               name: "[oss-security] 20161104 Re: CVE request -- linux kernel: crypto: GPF in lrw_crypt caused by null-deref",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/11/04/3",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1386286",
            },
            {
               name: "94217",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/94217",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://groups.google.com/forum/#%21msg/syzkaller/frb2XrB5aWk/xCXzkIBcDAAJ",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2015-8970",
      datePublished: "2016-11-28T03:01:00",
      dateReserved: "2016-11-04T00:00:00",
      dateUpdated: "2024-08-06T08:36:30.422Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-8924

Vulnerability from cvelistv5

Published

2017-05-12 21:00

Modified

2024-08-05 16:48

Severity ?

Summary

The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow.

References

▼	URL	Tags
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.4	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/654b404f2a222f918af9b0cd18ad469d0c941a8e	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/98451	vdb-entry, x_refsource_BID
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=654b404f2a222f918af9b0cd18ad469d0c941a8e	x_refsource_CONFIRM
	http://www.debian.org/security/2017/dsa-3886	vendor-advisory, x_refsource_DEBIAN

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T16:48:22.931Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.4",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/654b404f2a222f918af9b0cd18ad469d0c941a8e",
               },
               {
                  name: "98451",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/98451",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=654b404f2a222f918af9b0cd18ad469d0c941a8e",
               },
               {
                  name: "DSA-3886",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3886",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-05-12T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-11-03T18:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.4",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/654b404f2a222f918af9b0cd18ad469d0c941a8e",
            },
            {
               name: "98451",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/98451",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=654b404f2a222f918af9b0cd18ad469d0c941a8e",
            },
            {
               name: "DSA-3886",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3886",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-8924",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.4",
                     refsource: "CONFIRM",
                     url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.4",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/654b404f2a222f918af9b0cd18ad469d0c941a8e",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/654b404f2a222f918af9b0cd18ad469d0c941a8e",
                  },
                  {
                     name: "98451",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/98451",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=654b404f2a222f918af9b0cd18ad469d0c941a8e",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=654b404f2a222f918af9b0cd18ad469d0c941a8e",
                  },
                  {
                     name: "DSA-3886",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3886",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-8924",
      datePublished: "2017-05-12T21:00:00",
      dateReserved: "2017-05-12T00:00:00",
      dateUpdated: "2024-08-05T16:48:22.931Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-6074

Vulnerability from cvelistv5

Published

2017-02-18 21:40

Modified

2024-08-05 15:18

Severity ?

Summary

The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call.

References

▼	URL	Tags
	http://rhn.redhat.com/errata/RHSA-2017-0323.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2017-0324.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2017-0365.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2017-0347.html	vendor-advisory, x_refsource_REDHAT
	http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:1209	vendor-advisory, x_refsource_REDHAT
	http://www.openwall.com/lists/oss-security/2017/02/22/3	mailing-list, x_refsource_MLIST
	http://rhn.redhat.com/errata/RHSA-2017-0501.html	vendor-advisory, x_refsource_REDHAT
	https://source.android.com/security/bulletin/2017-07-01	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:0932	vendor-advisory, x_refsource_REDHAT
	http://www.securitytracker.com/id/1037876	vdb-entry, x_refsource_SECTRACK
	http://rhn.redhat.com/errata/RHSA-2017-0316.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2017-0294.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2017-0295.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2017-0366.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2017-0346.html	vendor-advisory, x_refsource_REDHAT
	https://github.com/torvalds/linux/commit/5edabca9d4cff7f1f2b68f0bac55ef99d9798ba4	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2017-0403.html	vendor-advisory, x_refsource_REDHAT
	http://www.debian.org/security/2017/dsa-3791	vendor-advisory, x_refsource_DEBIAN
	http://rhn.redhat.com/errata/RHSA-2017-0293.html	vendor-advisory, x_refsource_REDHAT
	https://www.tenable.com/security/tns-2017-07	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/96310	vdb-entry, x_refsource_BID
	https://www.exploit-db.com/exploits/41457/	exploit, x_refsource_EXPLOIT-DB
	https://www.exploit-db.com/exploits/41458/	exploit, x_refsource_EXPLOIT-DB
	http://rhn.redhat.com/errata/RHSA-2017-0345.html	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T15:18:49.675Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "RHSA-2017:0323",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0323.html",
               },
               {
                  name: "RHSA-2017:0324",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0324.html",
               },
               {
                  name: "RHSA-2017:0365",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0365.html",
               },
               {
                  name: "RHSA-2017:0347",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0347.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
               },
               {
                  name: "RHSA-2017:1209",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1209",
               },
               {
                  name: "[oss-security] 20170222 Linux kernel: CVE-2017-6074: DCCP double-free vulnerability (local root)",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2017/02/22/3",
               },
               {
                  name: "RHSA-2017:0501",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0501.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://source.android.com/security/bulletin/2017-07-01",
               },
               {
                  name: "RHSA-2017:0932",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:0932",
               },
               {
                  name: "1037876",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1037876",
               },
               {
                  name: "RHSA-2017:0316",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0316.html",
               },
               {
                  name: "RHSA-2017:0294",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0294.html",
               },
               {
                  name: "RHSA-2017:0295",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0295.html",
               },
               {
                  name: "RHSA-2017:0366",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0366.html",
               },
               {
                  name: "RHSA-2017:0346",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0346.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/5edabca9d4cff7f1f2b68f0bac55ef99d9798ba4",
               },
               {
                  name: "RHSA-2017:0403",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0403.html",
               },
               {
                  name: "DSA-3791",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3791",
               },
               {
                  name: "RHSA-2017:0293",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0293.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://www.tenable.com/security/tns-2017-07",
               },
               {
                  name: "96310",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/96310",
               },
               {
                  name: "41457",
                  tags: [
                     "exploit",
                     "x_refsource_EXPLOIT-DB",
                     "x_transferred",
                  ],
                  url: "https://www.exploit-db.com/exploits/41457/",
               },
               {
                  name: "41458",
                  tags: [
                     "exploit",
                     "x_refsource_EXPLOIT-DB",
                     "x_transferred",
                  ],
                  url: "https://www.exploit-db.com/exploits/41458/",
               },
               {
                  name: "RHSA-2017:0345",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0345.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-02-16T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-07-18T12:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "RHSA-2017:0323",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0323.html",
            },
            {
               name: "RHSA-2017:0324",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0324.html",
            },
            {
               name: "RHSA-2017:0365",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0365.html",
            },
            {
               name: "RHSA-2017:0347",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0347.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
            },
            {
               name: "RHSA-2017:1209",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1209",
            },
            {
               name: "[oss-security] 20170222 Linux kernel: CVE-2017-6074: DCCP double-free vulnerability (local root)",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2017/02/22/3",
            },
            {
               name: "RHSA-2017:0501",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0501.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://source.android.com/security/bulletin/2017-07-01",
            },
            {
               name: "RHSA-2017:0932",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:0932",
            },
            {
               name: "1037876",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1037876",
            },
            {
               name: "RHSA-2017:0316",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0316.html",
            },
            {
               name: "RHSA-2017:0294",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0294.html",
            },
            {
               name: "RHSA-2017:0295",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0295.html",
            },
            {
               name: "RHSA-2017:0366",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0366.html",
            },
            {
               name: "RHSA-2017:0346",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0346.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/5edabca9d4cff7f1f2b68f0bac55ef99d9798ba4",
            },
            {
               name: "RHSA-2017:0403",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0403.html",
            },
            {
               name: "DSA-3791",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3791",
            },
            {
               name: "RHSA-2017:0293",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0293.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://www.tenable.com/security/tns-2017-07",
            },
            {
               name: "96310",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/96310",
            },
            {
               name: "41457",
               tags: [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
               ],
               url: "https://www.exploit-db.com/exploits/41457/",
            },
            {
               name: "41458",
               tags: [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
               ],
               url: "https://www.exploit-db.com/exploits/41458/",
            },
            {
               name: "RHSA-2017:0345",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0345.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-6074",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "RHSA-2017:0323",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0323.html",
                  },
                  {
                     name: "RHSA-2017:0324",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0324.html",
                  },
                  {
                     name: "RHSA-2017:0365",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0365.html",
                  },
                  {
                     name: "RHSA-2017:0347",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0347.html",
                  },
                  {
                     name: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
                     refsource: "CONFIRM",
                     url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
                  },
                  {
                     name: "RHSA-2017:1209",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1209",
                  },
                  {
                     name: "[oss-security] 20170222 Linux kernel: CVE-2017-6074: DCCP double-free vulnerability (local root)",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2017/02/22/3",
                  },
                  {
                     name: "RHSA-2017:0501",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0501.html",
                  },
                  {
                     name: "https://source.android.com/security/bulletin/2017-07-01",
                     refsource: "CONFIRM",
                     url: "https://source.android.com/security/bulletin/2017-07-01",
                  },
                  {
                     name: "RHSA-2017:0932",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:0932",
                  },
                  {
                     name: "1037876",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1037876",
                  },
                  {
                     name: "RHSA-2017:0316",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0316.html",
                  },
                  {
                     name: "RHSA-2017:0294",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0294.html",
                  },
                  {
                     name: "RHSA-2017:0295",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0295.html",
                  },
                  {
                     name: "RHSA-2017:0366",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0366.html",
                  },
                  {
                     name: "RHSA-2017:0346",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0346.html",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/5edabca9d4cff7f1f2b68f0bac55ef99d9798ba4",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/5edabca9d4cff7f1f2b68f0bac55ef99d9798ba4",
                  },
                  {
                     name: "RHSA-2017:0403",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0403.html",
                  },
                  {
                     name: "DSA-3791",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3791",
                  },
                  {
                     name: "RHSA-2017:0293",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0293.html",
                  },
                  {
                     name: "https://www.tenable.com/security/tns-2017-07",
                     refsource: "CONFIRM",
                     url: "https://www.tenable.com/security/tns-2017-07",
                  },
                  {
                     name: "96310",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/96310",
                  },
                  {
                     name: "41457",
                     refsource: "EXPLOIT-DB",
                     url: "https://www.exploit-db.com/exploits/41457/",
                  },
                  {
                     name: "41458",
                     refsource: "EXPLOIT-DB",
                     url: "https://www.exploit-db.com/exploits/41458/",
                  },
                  {
                     name: "RHSA-2017:0345",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0345.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-6074",
      datePublished: "2017-02-18T21:40:00",
      dateReserved: "2017-02-17T00:00:00",
      dateUpdated: "2024-08-05T15:18:49.675Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-6348

Vulnerability from cvelistv5

Published

2017-03-01 20:00

Modified

2024-08-05 15:25

Severity ?

Summary

The hashbin_delete function in net/irda/irqueue.c in the Linux kernel before 4.9.13 improperly manages lock dropping, which allows local users to cause a denial of service (deadlock) via crafted operations on IrDA devices.

References

▼	URL	Tags
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.13	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/96483	vdb-entry, x_refsource_BID
	https://usn.ubuntu.com/3754-1/	vendor-advisory, x_refsource_UBUNTU
	http://www.openwall.com/lists/oss-security/2017/02/28/4	mailing-list, x_refsource_MLIST
	http://www.debian.org/security/2017/dsa-3804	vendor-advisory, x_refsource_DEBIAN
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4c03b862b12f980456f9de92db6d508a4999b788	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/4c03b862b12f980456f9de92db6d508a4999b788	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T15:25:49.233Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.13",
               },
               {
                  name: "96483",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/96483",
               },
               {
                  name: "USN-3754-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3754-1/",
               },
               {
                  name: "[oss-security] 20170228 Linux: irda: Fix lockdep annotations in hashbin_delete() (CVE-2017-6348)",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2017/02/28/4",
               },
               {
                  name: "DSA-3804",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3804",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4c03b862b12f980456f9de92db6d508a4999b788",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/4c03b862b12f980456f9de92db6d508a4999b788",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-02-26T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The hashbin_delete function in net/irda/irqueue.c in the Linux kernel before 4.9.13 improperly manages lock dropping, which allows local users to cause a denial of service (deadlock) via crafted operations on IrDA devices.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-08-24T09:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.13",
            },
            {
               name: "96483",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/96483",
            },
            {
               name: "USN-3754-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3754-1/",
            },
            {
               name: "[oss-security] 20170228 Linux: irda: Fix lockdep annotations in hashbin_delete() (CVE-2017-6348)",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2017/02/28/4",
            },
            {
               name: "DSA-3804",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3804",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4c03b862b12f980456f9de92db6d508a4999b788",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/4c03b862b12f980456f9de92db6d508a4999b788",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-6348",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The hashbin_delete function in net/irda/irqueue.c in the Linux kernel before 4.9.13 improperly manages lock dropping, which allows local users to cause a denial of service (deadlock) via crafted operations on IrDA devices.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.13",
                     refsource: "CONFIRM",
                     url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.13",
                  },
                  {
                     name: "96483",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/96483",
                  },
                  {
                     name: "USN-3754-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/3754-1/",
                  },
                  {
                     name: "[oss-security] 20170228 Linux: irda: Fix lockdep annotations in hashbin_delete() (CVE-2017-6348)",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2017/02/28/4",
                  },
                  {
                     name: "DSA-3804",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3804",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4c03b862b12f980456f9de92db6d508a4999b788",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4c03b862b12f980456f9de92db6d508a4999b788",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/4c03b862b12f980456f9de92db6d508a4999b788",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/4c03b862b12f980456f9de92db6d508a4999b788",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-6348",
      datePublished: "2017-03-01T20:00:00",
      dateReserved: "2017-02-26T00:00:00",
      dateUpdated: "2024-08-05T15:25:49.233Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-7542

Vulnerability from cvelistv5

Published

2017-07-21 16:00

Modified

2024-08-05 16:04

Severity ?

Summary

The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket.

References

▼	URL	Tags
	http://www.debian.org/security/2017/dsa-3927	vendor-advisory, x_refsource_DEBIAN
	https://access.redhat.com/errata/RHSA-2018:0169	vendor-advisory, x_refsource_REDHAT
	https://usn.ubuntu.com/3583-2/	vendor-advisory, x_refsource_UBUNTU
	https://access.redhat.com/errata/RHSA-2017:2918	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:2931	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/99953	vdb-entry, x_refsource_BID
	https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0	x_refsource_CONFIRM
	https://usn.ubuntu.com/3583-1/	vendor-advisory, x_refsource_UBUNTU
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6399f1fae4ec29fab5ec76070435555e256ca3a6	x_refsource_CONFIRM
	http://www.debian.org/security/2017/dsa-3945	vendor-advisory, x_refsource_DEBIAN
	https://github.com/torvalds/linux/commit/6399f1fae4ec29fab5ec76070435555e256ca3a6	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:2930	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	Linux kernel versions up to and including 4.12	Version: Linux kernel versions up to and including 4.12

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T16:04:11.869Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "DSA-3927",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3927",
               },
               {
                  name: "RHSA-2018:0169",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:0169",
               },
               {
                  name: "USN-3583-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3583-2/",
               },
               {
                  name: "RHSA-2017:2918",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2918",
               },
               {
                  name: "RHSA-2017:2931",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2931",
               },
               {
                  name: "99953",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/99953",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
               },
               {
                  name: "USN-3583-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3583-1/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6399f1fae4ec29fab5ec76070435555e256ca3a6",
               },
               {
                  name: "DSA-3945",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3945",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/6399f1fae4ec29fab5ec76070435555e256ca3a6",
               },
               {
                  name: "RHSA-2017:2930",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2930",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Linux kernel versions up to and including 4.12",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "Linux kernel versions up to and including 4.12",
                  },
               ],
            },
         ],
         datePublic: "2017-07-21T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-190",
                     description: "CWE-190",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-11-30T20:57:01",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "DSA-3927",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3927",
            },
            {
               name: "RHSA-2018:0169",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:0169",
            },
            {
               name: "USN-3583-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3583-2/",
            },
            {
               name: "RHSA-2017:2918",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2918",
            },
            {
               name: "RHSA-2017:2931",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2931",
            },
            {
               name: "99953",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/99953",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
            },
            {
               name: "USN-3583-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3583-1/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6399f1fae4ec29fab5ec76070435555e256ca3a6",
            },
            {
               name: "DSA-3945",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3945",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/6399f1fae4ec29fab5ec76070435555e256ca3a6",
            },
            {
               name: "RHSA-2017:2930",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2930",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2017-7542",
      datePublished: "2017-07-21T16:00:00",
      dateReserved: "2017-04-05T00:00:00",
      dateUpdated: "2024-08-05T16:04:11.869Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2015-3288

Vulnerability from cvelistv5

Published

2016-10-16 21:00

Modified

2024-08-06 05:39

Severity ?

Summary

mm/memory.c in the Linux kernel before 4.1.4 mishandles anonymous pages, which allows local users to gain privileges or cause a denial of service (page tainting) via a crafted application that triggers writing to page zero.

References

▼	URL	Tags
	https://github.com/torvalds/linux/commit/6b7339f4c31ad69c8e9c0b2859276e22cf72176d	x_refsource_CONFIRM
	https://source.android.com/security/bulletin/2017-01-01.html	x_refsource_CONFIRM
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.4	x_refsource_CONFIRM
	https://security-tracker.debian.org/tracker/CVE-2015-3288	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/93591	vdb-entry, x_refsource_BID
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6b7339f4c31ad69c8e9c0b2859276e22cf72176d	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=1333830	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T05:39:32.197Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/6b7339f4c31ad69c8e9c0b2859276e22cf72176d",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://source.android.com/security/bulletin/2017-01-01.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.4",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security-tracker.debian.org/tracker/CVE-2015-3288",
               },
               {
                  name: "93591",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/93591",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6b7339f4c31ad69c8e9c0b2859276e22cf72176d",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1333830",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2015-07-06T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "mm/memory.c in the Linux kernel before 4.1.4 mishandles anonymous pages, which allows local users to gain privileges or cause a denial of service (page tainting) via a crafted application that triggers writing to page zero.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-01-05T21:57:01",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/6b7339f4c31ad69c8e9c0b2859276e22cf72176d",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://source.android.com/security/bulletin/2017-01-01.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.4",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security-tracker.debian.org/tracker/CVE-2015-3288",
            },
            {
               name: "93591",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/93591",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6b7339f4c31ad69c8e9c0b2859276e22cf72176d",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1333830",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2015-3288",
      datePublished: "2016-10-16T21:00:00",
      dateReserved: "2015-04-10T00:00:00",
      dateUpdated: "2024-08-06T05:39:32.197Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-1000365

Vulnerability from cvelistv5

Published

2017-06-19 16:00

Modified

2024-08-05 22:00

Severity ?

Summary

The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation. This affects Linux Kernel versions 4.11.5 and earlier. It appears that this feature was introduced in the Linux Kernel version 2.6.23.

References

▼	URL	Tags
	http://www.debian.org/security/2017/dsa-3927	vendor-advisory, x_refsource_DEBIAN
	http://www.securityfocus.com/bid/99156	vdb-entry, x_refsource_BID
	https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt	x_refsource_MISC
	http://www.debian.org/security/2017/dsa-3945	vendor-advisory, x_refsource_DEBIAN
	https://access.redhat.com/security/cve/CVE-2017-1000365	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T22:00:39.881Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "DSA-3927",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3927",
               },
               {
                  name: "99156",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/99156",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt",
               },
               {
                  name: "DSA-3945",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3945",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/cve/CVE-2017-1000365",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-06-19T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation. This affects Linux Kernel versions 4.11.5 and earlier. It appears that this feature was introduced in the Linux Kernel version 2.6.23.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-11-03T18:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "DSA-3927",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3927",
            },
            {
               name: "99156",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/99156",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt",
            },
            {
               name: "DSA-3945",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3945",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2017-1000365",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-1000365",
               REQUESTER: "qsa@qualys.com",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation. This affects Linux Kernel versions 4.11.5 and earlier. It appears that this feature was introduced in the Linux Kernel version 2.6.23.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "DSA-3927",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3927",
                  },
                  {
                     name: "99156",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/99156",
                  },
                  {
                     name: "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt",
                     refsource: "MISC",
                     url: "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt",
                  },
                  {
                     name: "DSA-3945",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3945",
                  },
                  {
                     name: "https://access.redhat.com/security/cve/CVE-2017-1000365",
                     refsource: "CONFIRM",
                     url: "https://access.redhat.com/security/cve/CVE-2017-1000365",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-1000365",
      datePublished: "2017-06-19T16:00:00",
      dateReserved: "2017-06-19T00:00:00",
      dateUpdated: "2024-08-05T22:00:39.881Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-7487

Vulnerability from cvelistv5

Published

2017-05-14 22:00

Modified

2024-08-05 16:04

Severity ?

Summary

The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel through 4.11.1 mishandles reference counts, which allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1039237	vdb-entry, x_refsource_SECTRACK
	https://github.com/torvalds/linux/commit/ee0d8d8482345ff97a75a7d747efc309f13b0d80	x_refsource_CONFIRM
	https://source.android.com/security/bulletin/2017-09-01	x_refsource_CONFIRM
	https://patchwork.ozlabs.org/patch/757549/	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ee0d8d8482345ff97a75a7d747efc309f13b0d80	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/98439	vdb-entry, x_refsource_BID
	http://www.debian.org/security/2017/dsa-3886	vendor-advisory, x_refsource_DEBIAN
	https://bugzilla.redhat.com/show_bug.cgi?id=1447734	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	Linux kernel through 4.11.1	Version: Linux kernel through 4.11.1

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T16:04:11.583Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "1039237",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1039237",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/ee0d8d8482345ff97a75a7d747efc309f13b0d80",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://source.android.com/security/bulletin/2017-09-01",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://patchwork.ozlabs.org/patch/757549/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ee0d8d8482345ff97a75a7d747efc309f13b0d80",
               },
               {
                  name: "98439",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/98439",
               },
               {
                  name: "DSA-3886",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3886",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1447734",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Linux kernel through 4.11.1",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "Linux kernel through 4.11.1",
                  },
               ],
            },
         ],
         datePublic: "2017-05-14T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel through 4.11.1 mishandles reference counts, which allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "mishandles reference counts",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-11-03T18:57:01",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "1039237",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1039237",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/ee0d8d8482345ff97a75a7d747efc309f13b0d80",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://source.android.com/security/bulletin/2017-09-01",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://patchwork.ozlabs.org/patch/757549/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ee0d8d8482345ff97a75a7d747efc309f13b0d80",
            },
            {
               name: "98439",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/98439",
            },
            {
               name: "DSA-3886",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3886",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1447734",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2017-7487",
      datePublished: "2017-05-14T22:00:00",
      dateReserved: "2017-04-05T00:00:00",
      dateUpdated: "2024-08-05T16:04:11.583Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-9077

Vulnerability from cvelistv5

Published

2017-05-19 14:00

Modified

2024-08-05 16:55

Severity ?

Summary

The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

References

▼	URL	Tags
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=83eaddab4378db256d00d295bda6ca997cd13a52	x_refsource_CONFIRM
	https://patchwork.ozlabs.org/patch/760370/	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/98583	vdb-entry, x_refsource_BID
	https://access.redhat.com/errata/RHSA-2017:2669	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:1854	vendor-advisory, x_refsource_REDHAT
	https://github.com/torvalds/linux/commit/83eaddab4378db256d00d295bda6ca997cd13a52	x_refsource_CONFIRM
	https://source.android.com/security/bulletin/2017-11-01	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:2077	vendor-advisory, x_refsource_REDHAT
	http://www.debian.org/security/2017/dsa-3886	vendor-advisory, x_refsource_DEBIAN
	https://access.redhat.com/errata/RHSA-2017:1842	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T16:55:21.888Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=83eaddab4378db256d00d295bda6ca997cd13a52",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://patchwork.ozlabs.org/patch/760370/",
               },
               {
                  name: "98583",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/98583",
               },
               {
                  name: "RHSA-2017:2669",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2669",
               },
               {
                  name: "RHSA-2018:1854",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:1854",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/83eaddab4378db256d00d295bda6ca997cd13a52",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://source.android.com/security/bulletin/2017-11-01",
               },
               {
                  name: "RHSA-2017:2077",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2077",
               },
               {
                  name: "DSA-3886",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3886",
               },
               {
                  name: "RHSA-2017:1842",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1842",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-05-19T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-06-19T09:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=83eaddab4378db256d00d295bda6ca997cd13a52",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://patchwork.ozlabs.org/patch/760370/",
            },
            {
               name: "98583",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/98583",
            },
            {
               name: "RHSA-2017:2669",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2669",
            },
            {
               name: "RHSA-2018:1854",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:1854",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/83eaddab4378db256d00d295bda6ca997cd13a52",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://source.android.com/security/bulletin/2017-11-01",
            },
            {
               name: "RHSA-2017:2077",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2077",
            },
            {
               name: "DSA-3886",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3886",
            },
            {
               name: "RHSA-2017:1842",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1842",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-9077",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=83eaddab4378db256d00d295bda6ca997cd13a52",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=83eaddab4378db256d00d295bda6ca997cd13a52",
                  },
                  {
                     name: "https://patchwork.ozlabs.org/patch/760370/",
                     refsource: "CONFIRM",
                     url: "https://patchwork.ozlabs.org/patch/760370/",
                  },
                  {
                     name: "98583",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/98583",
                  },
                  {
                     name: "RHSA-2017:2669",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2669",
                  },
                  {
                     name: "RHSA-2018:1854",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:1854",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/83eaddab4378db256d00d295bda6ca997cd13a52",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/83eaddab4378db256d00d295bda6ca997cd13a52",
                  },
                  {
                     name: "https://source.android.com/security/bulletin/2017-11-01",
                     refsource: "CONFIRM",
                     url: "https://source.android.com/security/bulletin/2017-11-01",
                  },
                  {
                     name: "RHSA-2017:2077",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2077",
                  },
                  {
                     name: "DSA-3886",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3886",
                  },
                  {
                     name: "RHSA-2017:1842",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1842",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-9077",
      datePublished: "2017-05-19T14:00:00",
      dateReserved: "2017-05-19T00:00:00",
      dateUpdated: "2024-08-05T16:55:21.888Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

Vulnerability from csaf_suse

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature