Описание
[REJECTED CVE] The Linux kernel package 3.16.0-28 mishandles a series of mmap system calls for /dev/zero with different starting addresses, with a stated impact of "allowing for a local user to possibly gain root access," aka an "inode integer overflow."
Отчет
MITRE has rejected this CVE as the flaw was not confirmed: https://nvd.nist.gov/vuln/detail/CVE-2017-7286 https://bugzilla.novell.com/show_bug.cgi?id=1033458#c5 None of the Red Hat products is vulnerable to this not-a-flaw.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kernel | Not affected | ||
| Red Hat Enterprise Linux 6 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Not affected | ||
| Red Hat Enterprise MRG 2 | realtime-kernel | Not affected |
Показывать по
Дополнительная информация
0 Low
CVSS3
Связанные уязвимости
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none
0 Low
CVSS3