exploitDog

CVE-2017-2636

Опубликовано: 07 мар. 2017

Источник: nvd

CVSS3: 7

CVSS2: 6.9

EPSS Низкий

Описание

Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.

Ссылки

http://www.debian.org/security/2017/dsa-3804
Third Party Advisory
http://www.openwall.com/lists/oss-security/2017/03/07/6
Mailing List
Patch
Third Party Advisory
http://www.securityfocus.com/bid/96732
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1037963
Third Party Advisory
VDB Entry
https://a13xp0p0v.github.io/2017/03/24/CVE-2017-2636.html
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:0892
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:0931
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:0932
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:0933
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:0986
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1125
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1126
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1232
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1233
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1488
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1428319
Issue Tracking
Mitigation
Third Party Advisory
http://www.debian.org/security/2017/dsa-3804
Third Party Advisory
http://www.openwall.com/lists/oss-security/2017/03/07/6
Mailing List
Patch
Third Party Advisory
http://www.securityfocus.com/bid/96732
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1037963
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 2.6.31 (включая) до 3.2.87 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 3.3 (включая) до 3.10.106 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 3.11 (включая) до 3.12.72 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 3.13 (включая) до 3.16.42 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 3.17 (включая) до 3.18.49 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 3.19 (включая) до 4.1.49 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 4.2 (включая) до 4.4.54 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 4.5 (включая) до 4.9.15 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 4.10 (включая) до 4.10.3 (исключая)

Конфигурация 2

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

EPSS

Процентиль: 66%

0.00526

Низкий

7 High

CVSS3

6.9 Medium

CVSS2

Дефекты

CWE-362

Связанные уязвимости

CVE-2017-2636

CVSS3: 7

ubuntu

больше 8 лет назад

Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.

CVE-2017-2636

CVSS3: 7.8

redhat

больше 8 лет назад

Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.

CVE-2017-2636

CVSS3: 7

debian

больше 8 лет назад

Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.1 ...

SUSE-SU-2017:0913-1

suse-cvrf

около 8 лет назад

Security update for the Linux Kernel

SUSE-SU-2017:0912-1

suse-cvrf

около 8 лет назад

Security update for the Linux Kernel

EPSS

Процентиль: 66%

0.00526

Низкий

7 High

CVSS3

6.9 Medium

CVSS2

Дефекты

CWE-362