All errata/p8/ALT-PU-2017-1890-1
ALT-PU-2017-1890-1

Package update kernel-image-std-def in branch p8

Version4.4.77-alt0.M80P.1
Task#185478
Published2017-07-17
Max severityHIGH
Severity:

Closed issues (5)

BDU:2017-01673
HIGH7.5

Уязвимость функции virtio_gpu_object_create операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

Published: 2017-07-20Modified: 2024-05-16
CVSS 3.xHIGH 7.5
CVSS:3.x/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 2.0HIGH 7.8
CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C
References
BDU:2017-01686
HIGH7.8

Уязвимость функции mq_notify операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие

Published: 2017-07-20Modified: 2024-05-16
CVSS 3.xHIGH 7.8
CVSS:3.x/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 2.0MEDIUM 6.8
CVSS:2.0/AV:L/AC:L/Au:S/C:C/I:C/A:C
References
CVE-2017-10810
HIGH7.5

Memory leak in the virtio_gpu_object_create function in drivers/gpu/drm/virtio/virtgpu_object.c in the Linux kernel through 4.11.8 allows attackers to cause a denial of service (memory consumption) by triggering object-initialization failures.

Published: 2017-07-04Modified: 2025-04-20
CVSS 2.0HIGH 7.8
CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C
CVSS 3.xHIGH 7.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References
CVE-2017-11176
HIGH7.8

The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact.

Published: 2017-07-11Modified: 2025-04-20
CVSS 2.0HIGH 7.2
CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS 3.xHIGH 7.8
CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References
CVE-2017-12146
HIGH7.0

The driver_override implementation in drivers/base/platform.c in the Linux kernel before 4.12.1 allows local users to gain privileges by leveraging a race condition between a read operation and a store operation that involve different overrides.

Published: 2017-09-08Modified: 2025-04-20
CVSS 2.0MEDIUM 6.9
CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C
CVSS 3.xHIGH 7.0
CVSS:3.x/CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
References