Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2017-16539

Опубликовано: 04 нояб. 2017
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.3
CVSS3: 5.9

Описание

The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through 17.03.2-ce does not block /proc/scsi pathnames, which allows attackers to trigger data loss (when certain older Linux kernels are used) by leveraging Docker container access to write a "scsi remove-single-device" line to /proc/scsi/scsi, aka SCSI MICDROP.

РелизСтатусПримечание
artful

ignored

end of life
bionic

released

18.06.1-0ubuntu1~18.04.1
cosmic

released

18.06.1-0ubuntu1
devel

released

18.06.1-0ubuntu2
esm-apps/bionic

released

18.06.1-0ubuntu1~18.04.1
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected [code not present]]
esm-infra/xenial

released

18.06.1-0ubuntu1~16.04.2
precise/esm

DNE

trusty

not-affected

code not present
trusty/esm

DNE

trusty was not-affected [code not present]

Показывать по

Ссылки на источники

EPSS

Процентиль: 73%
0.00771
Низкий

4.3 Medium

CVSS2

5.9 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2017-16539

CVSS3: 7.5
redhat
больше 8 лет назад

The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through 17.03.2-ce does not block /proc/scsi pathnames, which allows attackers to trigger data loss (when certain older Linux kernels are used) by leveraging Docker container access to write a "scsi remove-single-device" line to /proc/scsi/scsi, aka SCSI MICDROP.

nvd логотип

CVE-2017-16539

CVSS3: 5.9
nvd
больше 8 лет назад

The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through 17.03.2-ce does not block /proc/scsi pathnames, which allows attackers to trigger data loss (when certain older Linux kernels are used) by leveraging Docker container access to write a "scsi remove-single-device" line to /proc/scsi/scsi, aka SCSI MICDROP.

debian логотип

CVE-2017-16539

CVSS3: 5.9
debian
больше 8 лет назад

The DefaultLinuxSpec function in oci/defaults.go in Docker Moby throug ...

github логотип

GHSA-vfjc-2qcw-j95j

CVSS3: 5.9
github
больше 3 лет назад

Docker Moby /proc/scsi Path Exposure Allows Host Data Loss (SCSI MICDROP)

suse-cvrf логотип

openSUSE-SU-2018:0406-1

suse-cvrf
почти 8 лет назад

Security update for docker, docker-runc, containerd, golang-github-docker-libnetwork

EPSS

Процентиль: 73%
0.00771
Низкий

4.3 Medium

CVSS2

5.9 Medium

CVSS3