ALT-PU-2017-1888-1
Package kernel-image-un-def updated to version 4.12.2-alt1 for branch sisyphus in task 185476.
Closed vulnerabilities
Published: 2017-07-09
BDU:2017-01686
Уязвимость функции mq_notify операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие
Severity: HIGH (7.8)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2017-07-12
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2017-11176
The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact.
Severity: HIGH (7.8)
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f991af3daabaecff34684fd51fac80319d1baad1
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f991af3daabaecff34684fd51fac80319d1baad1
- DSA-3927
- DSA-3927
- DSA-3945
- DSA-3945
- 99919
- 99919
- RHSA-2017:2918
- RHSA-2017:2918
- RHSA-2017:2930
- RHSA-2017:2930
- RHSA-2017:2931
- RHSA-2017:2931
- RHSA-2018:0169
- RHSA-2018:0169
- RHSA-2018:3822
- RHSA-2018:3822
- https://github.com/torvalds/linux/commit/f991af3daabaecff34684fd51fac80319d1baad1
- https://github.com/torvalds/linux/commit/f991af3daabaecff34684fd51fac80319d1baad1
- https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
- https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
- 45553
- 45553