Published: 15/09/2017 Updated: 07/12/2017

CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 437

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

The XFS_IS_REALTIME_INODE macro in fs/xfs/xfs_linux.h in the Linux kernel prior to 4.13.2 does not verify that a filesystem has a realtime device, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via vectors related to setting an RHINHERIT flag on a directory.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel

Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise MRG 2Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVS ...

Debian Bug report logs - #875881 linux: CVE-2017-1000251 Package: src:linux; Maintainer for src:linux is Debian Kernel Team <debian-kernel@listsdebianorg>; Reported by: Christoph Anton Mitterer <calestyo@scientianet> Date: Fri, 15 Sep 2017 14:42:01 UTC Severity: critical Tags: confirmed, fixed-upstream, security, ...

Several vulnerabilities have been discovered in the Linux kernel that may lead to privilege escalation, denial of service or information leaks CVE-2017-7518 Andy Lutomirski discovered that KVM is prone to an incorrect debug exception (#DB) error occurring while emulating a syscall instruction A process inside a guest can take advanta ...

stack buffer overflow in the native Bluetooth stackA stack buffer overflow flaw was found in the way the Bluetooth subsystem of the Linux kernel processed pending L2CAP configuration responses from a client On systems with the stack protection feature enabled in the kernel (CONFIG_CC_STACKPROTECTOR=y, which is enabled on all architectures other th ...

Several security issues were fixed in the Linux kernel ...

A flaw was found where the XFS filesystem code mishandles a user-settable inode flag in the Linux kernel prior to 414-rc1 This can cause a local denial of service via a kernel panic ...

CWE-476 https://github.com/torvalds/linux/commit/b31ff3cdf540110da4572e3e29bd172087af65cc https://bugzilla.redhat.com/show_bug.cgi?id=1491344 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.2 http://seclists.org/oss-sec/2017/q3/436 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b31ff3cdf540110da4572e3e29bd172087af65cc http://www.securityfocus.com/bid/100851 http://www.debian.org/security/2017/dsa-3981 https://access.redhat.com/errata/RHSA-2017:2918 https://access.redhat.com/errata/RHSA-2017:2918 https://nvd.nist.gov https://usn.ubuntu.com/3469-2/https://www.debian.org/security/./dsa-3981

CVE-2017-14340

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect