Errata ALT-PU-2017-2337-1: Information
Fixes
Published: Sept. 12, 2017
BDU:2017-02569
Уязвимость ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие
Severity: MEDIUM (6.6) Vector: AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Sept. 26, 2017
Modified: Oct. 3, 2019
Modified: Oct. 3, 2019
CVE-2017-1000252
The KVM subsystem in the Linux kernel through 4.13.3 allows guest OS users to cause a denial of service (assertion failure, and hypervisor hang or crash) via an out-of bounds guest_irq value, related to arch/x86/kvm/vmx.c and virt/kvm/eventfd.c.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- https://github.com/torvalds/linux/commit/3a8b0677fc6180a467e26cc32ce6b0c09a32f9bb
- https://github.com/torvalds/linux/commit/36ae3c0a36b7456432fedce38ae2f7bd3e01a563
- https://bugzilla.redhat.com/show_bug.cgi?id=1490781
- http://www.openwall.com/lists/oss-security/2017/09/15/4
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3a8b0677fc6180a467e26cc32ce6b0c09a32f9bb
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=36ae3c0a36b7456432fedce38ae2f7bd3e01a563
- https://marc.info/?l=kvm&m=150549146311117&w=2
- https://marc.info/?l=kvm&m=150549145711115&w=2
- 101022
- DSA-3981
- RHSA-2018:1062
- RHSA-2018:0676
- RHSA-2018:1130
Published: Sept. 21, 2017
Modified: Oct. 10, 2019
Modified: Oct. 10, 2019
CVE-2017-12153
A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash.
Severity: MEDIUM (4.4) Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
- https://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211.git/commit/?id=e785fa0a164aa11001cba931367c7f94ffaff888
- https://bugzilla.redhat.com/show_bug.cgi?id=1491046
- https://bugzilla.novell.com/show_bug.cgi?id=1058410
- http://seclists.org/oss-sec/2017/q3/437
- https://marc.info/?t=150525503100001&r=1&w=2
- 100855
- DSA-3981
- USN-3583-2
- USN-3583-1
Published: Sept. 26, 2017
Modified: Feb. 13, 2023
Modified: Feb. 13, 2023
CVE-2017-12154
The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the "CR8-load exiting" and "CR8-store exiting" L0 vmcs02 controls exist in cases where L1 omits the "use TPR shadow" vmcs12 control, which allows KVM L2 guest OS users to obtain read and write access to the hardware CR8 register.
Severity: HIGH (7.1) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Links:
- https://www.spinics.net/lists/kvm/msg155414.html
- https://github.com/torvalds/linux/commit/51aa68e7d57e3217192d88ce90fd5b8ef29ec94f
- https://bugzilla.redhat.com/show_bug.cgi?id=1491224
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=51aa68e7d57e3217192d88ce90fd5b8ef29ec94f
- 100856
- DSA-3981
- RHSA-2018:1062
- RHSA-2018:0676
- USN-3698-2
- USN-3698-1
- RHSA-2019:1946
Published: Oct. 4, 2017
Modified: Aug. 24, 2018
Modified: Aug. 24, 2018
CVE-2017-14991
The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel before 4.13.4 allows local users to obtain sensitive information from uninitialized kernel heap-memory locations via an SG_GET_REQUEST_TABLE ioctl call for /dev/sg0.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Links:
Published: Nov. 4, 2017
Modified: March 14, 2024
Modified: March 14, 2024
CVE-2017-16528
sound/core/seq_device.c in the Linux kernel before 4.13.4 allows local users to cause a denial of service (snd_rawmidi_dev_seq_free use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device.
Severity: MEDIUM (6.6) Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links: