CVE-2017-0750

Опубликовано: 14 дек. 2015

Источник: redhat

CVSS3: 7

EPSS Низкий

Описание

A elevation of privilege vulnerability in the Upstream Linux file system. Product: Android. Versions: Android kernel. Android ID: A-36817013.

It was discovered that an out-of-bounds write vulnerability existed in the Flash-Friendly File System (f2fs) in the Linux kernel. An attacker could construct a malicious file system that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	kernel	Not affected
Red Hat Enterprise Linux 6	kernel	Not affected
Red Hat Enterprise Linux 7	kernel	Not affected
Red Hat Enterprise Linux 7	kernel-alt	Not affected
Red Hat Enterprise Linux 7	kernel-rt	Not affected
Red Hat Enterprise Linux 8	kernel	Not affected
Red Hat Enterprise MRG 2	realtime-kernel	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-787

https://bugzilla.redhat.com/show_bug.cgi?id=1564028kernel: Out-of-bounds write in f2fs allows code execution when mounted malicious file system

EPSS

Процентиль: 49%

0.0026

Низкий

7 High

CVSS3

Связанные уязвимости

CVE-2017-0750

CVSS3: 7.8

ubuntu

больше 8 лет назад

A elevation of privilege vulnerability in the Upstream Linux file system. Product: Android. Versions: Android kernel. Android ID: A-36817013.

CVE-2017-0750

CVSS3: 7.8

nvd

больше 8 лет назад

A elevation of privilege vulnerability in the Upstream Linux file system. Product: Android. Versions: Android kernel. Android ID: A-36817013.

CVE-2017-0750

CVSS3: 7.8

debian

больше 8 лет назад

A elevation of privilege vulnerability in the Upstream Linux file syst ...

GHSA-w6h8-g3pv-c86f

CVSS3: 7.8

github

больше 3 лет назад

A elevation of privilege vulnerability in the Upstream Linux file system. Product: Android. Versions: Android kernel. Android ID: A-36817013.

EPSS

Процентиль: 49%

0.0026

Низкий

7 High

CVSS3