Количество 18
Количество 18
GHSA-7m59-9m96-wch5
Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_VERSION. This time with PACKET_RESERVE. The solution is similar: lock the socket for the update. This issue may be exploitable, we did not investigate further. As this issue affects PF_PACKET sockets, it requires CAP_NET_RAW in the process namespace. But note that with user namespaces enabled, any process can create a namespace in which it has CAP_NET_RAW.
CVE-2017-1000111
Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_VERSION. This time with PACKET_RESERVE. The solution is similar: lock the socket for the update. This issue may be exploitable, we did not investigate further. As this issue affects PF_PACKET sockets, it requires CAP_NET_RAW in the process namespace. But note that with user namespaces enabled, any process can create a namespace in which it has CAP_NET_RAW.
CVE-2017-1000111
Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_VERSION. This time with PACKET_RESERVE. The solution is similar: lock the socket for the update. This issue may be exploitable, we did not investigate further. As this issue affects PF_PACKET sockets, it requires CAP_NET_RAW in the process namespace. But note that with user namespaces enabled, any process can create a namespace in which it has CAP_NET_RAW.
CVE-2017-1000111
Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_VERSION. This time with PACKET_RESERVE. The solution is similar: lock the socket for the update. This issue may be exploitable, we did not investigate further. As this issue affects PF_PACKET sockets, it requires CAP_NET_RAW in the process namespace. But note that with user namespaces enabled, any process can create a namespace in which it has CAP_NET_RAW.
CVE-2017-1000111
Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue ...
BDU:2017-02488
Уязвимость функции packet_set_ring (net/packet/af_packet.c) ядра операционных систем Linux, позволяющая нарушителю повысить свои привилегии, вызвать отказ в обслуживании или выполнить произвольный код
SUSE-SU-2017:2150-1
Security update for the Linux Kernel
SUSE-SU-2017:2142-1
Security update for the Linux Kernel
SUSE-SU-2017:2131-1
Security update for the Linux Kernel
openSUSE-SU-2017:2171-1
Security update for the Linux Kernel
openSUSE-SU-2017:2169-1
Security update for the Linux Kernel
ELSA-2017-3633
ELSA-2017-3633: Unbreakable Enterprise kernel security update (IMPORTANT)
ELSA-2017-3632
ELSA-2017-3632: Unbreakable Enterprise kernel security update (IMPORTANT)
ELSA-2017-3200
ELSA-2017-3200: kernel security and bug fix update (IMPORTANT)
SUSE-SU-2017:2286-1
Security update for the Linux Kernel
ELSA-2017-2930
ELSA-2017-2930: kernel security and bug fix update (IMPORTANT)
ELSA-2017-2930-1
ELSA-2017-2930-1: kernel security and bug fix update (IMPORTANT)
SUSE-SU-2017:2956-1
Security update for the Linux Kernel
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-7m59-9m96-wch5 Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_VERSION. This time with PACKET_RESERVE. The solution is similar: lock the socket for the update. This issue may be exploitable, we did not investigate further. As this issue affects PF_PACKET sockets, it requires CAP_NET_RAW in the process namespace. But note that with user namespaces enabled, any process can create a namespace in which it has CAP_NET_RAW. | CVSS3: 7.8 | 0% Низкий | больше 3 лет назад |
 | CVE-2017-1000111 Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_VERSION. This time with PACKET_RESERVE. The solution is similar: lock the socket for the update. This issue may be exploitable, we did not investigate further. As this issue affects PF_PACKET sockets, it requires CAP_NET_RAW in the process namespace. But note that with user namespaces enabled, any process can create a namespace in which it has CAP_NET_RAW. | CVSS3: 7.8 | 0% Низкий | около 8 лет назад |
 | CVE-2017-1000111 Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_VERSION. This time with PACKET_RESERVE. The solution is similar: lock the socket for the update. This issue may be exploitable, we did not investigate further. As this issue affects PF_PACKET sockets, it requires CAP_NET_RAW in the process namespace. But note that with user namespaces enabled, any process can create a namespace in which it has CAP_NET_RAW. | CVSS3: 4.7 | 0% Низкий | больше 8 лет назад |
 | CVE-2017-1000111 Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_VERSION. This time with PACKET_RESERVE. The solution is similar: lock the socket for the update. This issue may be exploitable, we did not investigate further. As this issue affects PF_PACKET sockets, it requires CAP_NET_RAW in the process namespace. But note that with user namespaces enabled, any process can create a namespace in which it has CAP_NET_RAW. | CVSS3: 7.8 | 0% Низкий | около 8 лет назад |
| CVE-2017-1000111 Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue ... | CVSS3: 7.8 | 0% Низкий | около 8 лет назад |
 | BDU:2017-02488 Уязвимость функции packet_set_ring (net/packet/af_packet.c) ядра операционных систем Linux, позволяющая нарушителю повысить свои привилегии, вызвать отказ в обслуживании или выполнить произвольный код | CVSS3: 7.8 | 0% Низкий | больше 8 лет назад |
 | SUSE-SU-2017:2150-1 Security update for the Linux Kernel | больше 8 лет назад | ||
| SUSE-SU-2017:2142-1 Security update for the Linux Kernel | больше 8 лет назад | ||
| SUSE-SU-2017:2131-1 Security update for the Linux Kernel | больше 8 лет назад | ||
| openSUSE-SU-2017:2171-1 Security update for the Linux Kernel | около 8 лет назад | ||
| openSUSE-SU-2017:2169-1 Security update for the Linux Kernel | около 8 лет назад | ||
| ELSA-2017-3633 ELSA-2017-3633: Unbreakable Enterprise kernel security update (IMPORTANT) | около 8 лет назад | ||
| ELSA-2017-3632 ELSA-2017-3632: Unbreakable Enterprise kernel security update (IMPORTANT) | около 8 лет назад | ||
| ELSA-2017-3200 ELSA-2017-3200: kernel security and bug fix update (IMPORTANT) | около 8 лет назад | ||
| SUSE-SU-2017:2286-1 Security update for the Linux Kernel | около 8 лет назад | ||
| ELSA-2017-2930 ELSA-2017-2930: kernel security and bug fix update (IMPORTANT) | около 8 лет назад | ||
| ELSA-2017-2930-1 ELSA-2017-2930-1: kernel security and bug fix update (IMPORTANT) | около 8 лет назад | ||
| SUSE-SU-2017:2956-1 Security update for the Linux Kernel | около 8 лет назад |
Уязвимостей на страницу