Published: 05/09/2017 Updated: 16/03/2018

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

The atyfb_ioctl function in drivers/video/fbdev/aty/atyfb_base.c in the Linux kernel up to and including 4.12.10 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading locations associated with padding bytes.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel

Debian Bug report logs - #875881 linux: CVE-2017-1000251 Package: src:linux; Maintainer for src:linux is Debian Kernel Team <debian-kernel@listsdebianorg>; Reported by: Christoph Anton Mitterer <calestyo@scientianet> Date: Fri, 15 Sep 2017 14:42:01 UTC Severity: critical Tags: confirmed, fixed-upstream, security, ...

Several vulnerabilities have been discovered in the Linux kernel that may lead to privilege escalation, denial of service or information leaks CVE-2017-7518 Andy Lutomirski discovered that KVM is prone to an incorrect debug exception (#DB) error occurring while emulating a syscall instruction A process inside a guest can take advanta ...

Several security issues were fixed in the Linux kernel ...

CWE-200 https://github.com/torvalds/linux/pull/441 https://marc.info/?l=linux-kernel&m=150453196710422&w=2 https://marc.info/?l=linux-kernel&m=150401461613306&w=2 http://www.securityfocus.com/bid/100634 http://www.debian.org/security/2017/dsa-3981 https://usn.ubuntu.com/3583-2/https://usn.ubuntu.com/3583-1/https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=875881 https://usn.ubuntu.com/3469-2/https://www.debian.org/security/./dsa-3981

CVE-2017-14156

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect