Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2017-1000380

Опубликовано: 17 июн. 2017
Источник: nvd
CVSS3: 5.5
CVSS2: 2.1
EPSS Низкий

Описание

sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия до 4.11.4 (включая)

EPSS

Процентиль: 55%
0.00326
Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-200

Связанные уязвимости

CVSS3: 5.5
ubuntu
около 8 лет назад

sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time.

CVSS3: 4.7
redhat
около 8 лет назад

sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time.

CVSS3: 5.5
debian
около 8 лет назад

sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to ...

CVSS3: 5.5
github
около 3 лет назад

sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time.

oracle-oval
больше 7 лет назад

ELSA-2017-3315: kernel security and bug fix update (IMPORTANT)

EPSS

Процентиль: 55%
0.00326
Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-200