ALT-PU-2017-2808-1
Package kernel-image-std-pae updated to version 4.4.106-alt1 for branch sisyphus in task 196926.
Closed vulnerabilities
Published: 2017-11-16
Modified: 2025-04-20
Modified: 2025-04-20
CVE-2017-0861
Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors.
Severity: MEDIUM (4.6)
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Severity: HIGH (7.8)
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
- http://lists.alioth.debian.org/pipermail/secure-testing-commits/2017-December/059967.html
- http://www.securityfocus.com/bid/102329
- https://access.redhat.com/errata/RHSA-2018:2390
- https://access.redhat.com/errata/RHSA-2018:3083
- https://access.redhat.com/errata/RHSA-2018:3096
- https://access.redhat.com/errata/RHSA-2020:0036
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=362bca57f5d78220f8b5907b875961af9436e229
- https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
- https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html
- https://security-tracker.debian.org/tracker/CVE-2017-0861
- https://source.android.com/security/bulletin/pixel/2017-11-01
- https://usn.ubuntu.com/3583-1/
- https://usn.ubuntu.com/3583-2/
- https://usn.ubuntu.com/3617-1/
- https://usn.ubuntu.com/3617-2/
- https://usn.ubuntu.com/3617-3/
- https://usn.ubuntu.com/3619-1/
- https://usn.ubuntu.com/3619-2/
- https://usn.ubuntu.com/3632-1/
- https://www.debian.org/security/2018/dsa-4187
- https://www.oracle.com/security-alerts/cpujul2020.html
- https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
- http://lists.alioth.debian.org/pipermail/secure-testing-commits/2017-December/059967.html
- http://www.securityfocus.com/bid/102329
- https://access.redhat.com/errata/RHSA-2018:2390
- https://access.redhat.com/errata/RHSA-2018:3083
- https://access.redhat.com/errata/RHSA-2018:3096
- https://access.redhat.com/errata/RHSA-2020:0036
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=362bca57f5d78220f8b5907b875961af9436e229
- https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
- https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html
- https://security-tracker.debian.org/tracker/CVE-2017-0861
- https://source.android.com/security/bulletin/pixel/2017-11-01
- https://usn.ubuntu.com/3583-1/
- https://usn.ubuntu.com/3583-2/
- https://usn.ubuntu.com/3617-1/
- https://usn.ubuntu.com/3617-2/
- https://usn.ubuntu.com/3617-3/
- https://usn.ubuntu.com/3619-1/
- https://usn.ubuntu.com/3619-2/
- https://usn.ubuntu.com/3632-1/
- https://www.debian.org/security/2018/dsa-4187
- https://www.oracle.com/security-alerts/cpujul2020.html
- https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
Published: 2017-12-11
Modified: 2025-04-20
Modified: 2025-04-20
CVE-2017-1000407
The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic.
Severity: MEDIUM (6.1)
Vector: AV:A/AC:L/Au:N/C:N/I:N/A:C
Severity: HIGH (7.4)
Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
References:
- http://www.openwall.com/lists/oss-security/2017/12/04/2
- http://www.securityfocus.com/bid/102038
- https://access.redhat.com/errata/RHSA-2018:0676
- https://access.redhat.com/errata/RHSA-2018:1062
- https://access.redhat.com/errata/RHSA-2019:1170
- https://access.redhat.com/security/cve/cve-2017-1000407
- https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html
- https://usn.ubuntu.com/3583-1/
- https://usn.ubuntu.com/3583-2/
- https://usn.ubuntu.com/3617-1/
- https://usn.ubuntu.com/3617-2/
- https://usn.ubuntu.com/3619-1/
- https://usn.ubuntu.com/3619-2/
- https://usn.ubuntu.com/3632-1/
- https://www.debian.org/security/2017/dsa-4073
- https://www.debian.org/security/2018/dsa-4082
- https://www.spinics.net/lists/kvm/msg159809.html
- http://www.openwall.com/lists/oss-security/2017/12/04/2
- http://www.securityfocus.com/bid/102038
- https://access.redhat.com/errata/RHSA-2018:0676
- https://access.redhat.com/errata/RHSA-2018:1062
- https://access.redhat.com/errata/RHSA-2019:1170
- https://access.redhat.com/security/cve/cve-2017-1000407
- https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html
- https://usn.ubuntu.com/3583-1/
- https://usn.ubuntu.com/3583-2/
- https://usn.ubuntu.com/3617-1/
- https://usn.ubuntu.com/3617-2/
- https://usn.ubuntu.com/3619-1/
- https://usn.ubuntu.com/3619-2/
- https://usn.ubuntu.com/3632-1/
- https://www.debian.org/security/2017/dsa-4073
- https://www.debian.org/security/2018/dsa-4082
- https://www.spinics.net/lists/kvm/msg159809.html