ALT-PU-2017-2808-1
Package kernel-image-std-pae updated to version 4.4.106-alt1 for branch sisyphus in task 196926.
Closed vulnerabilities
Published: 2017-11-17
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2017-0861
Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors.
Severity: HIGH (7.8)
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
- [secure-testing-commits] 20171206 r58306 - data/CVE
- [secure-testing-commits] 20171206 r58306 - data/CVE
- 102329
- 102329
- RHSA-2018:2390
- RHSA-2018:2390
- RHSA-2018:3083
- RHSA-2018:3083
- RHSA-2018:3096
- RHSA-2018:3096
- RHSA-2020:0036
- RHSA-2020:0036
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=362bca57f5d78220f8b5907b875961af9436e229
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=362bca57f5d78220f8b5907b875961af9436e229
- https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
- https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
- [debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update
- [debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update
- https://security-tracker.debian.org/tracker/CVE-2017-0861
- https://security-tracker.debian.org/tracker/CVE-2017-0861
- https://source.android.com/security/bulletin/pixel/2017-11-01
- https://source.android.com/security/bulletin/pixel/2017-11-01
- USN-3583-1
- USN-3583-1
- USN-3583-2
- USN-3583-2
- USN-3617-1
- USN-3617-1
- USN-3617-2
- USN-3617-2
- USN-3617-3
- USN-3617-3
- USN-3619-1
- USN-3619-1
- USN-3619-2
- USN-3619-2
- USN-3632-1
- USN-3632-1
- DSA-4187
- DSA-4187
- https://www.oracle.com/security-alerts/cpujul2020.html
- https://www.oracle.com/security-alerts/cpujul2020.html
- https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
- https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
Published: 2017-12-12
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2017-1000407
The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic.
Severity: HIGH (7.4)
Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
References:
- [oss-security] 20171204 CVE-2017-1000407 Kernel: KVM: DoS via write flood to I/O port 0x80
- [oss-security] 20171204 CVE-2017-1000407 Kernel: KVM: DoS via write flood to I/O port 0x80
- 102038
- 102038
- RHSA-2018:0676
- RHSA-2018:0676
- RHSA-2018:1062
- RHSA-2018:1062
- RHSA-2019:1170
- RHSA-2019:1170
- https://access.redhat.com/security/cve/cve-2017-1000407
- https://access.redhat.com/security/cve/cve-2017-1000407
- [debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update
- [debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update
- USN-3583-1
- USN-3583-1
- USN-3583-2
- USN-3583-2
- USN-3617-1
- USN-3617-1
- USN-3617-2
- USN-3617-2
- USN-3619-1
- USN-3619-1
- USN-3619-2
- USN-3619-2
- USN-3632-1
- USN-3632-1
- DSA-4073
- DSA-4073
- DSA-4082
- DSA-4082
- [kvm] 20171201 [PATCH 1/2] KVM: VMX: remove I/O port 0x80 bypass on Intel hosts
- [kvm] 20171201 [PATCH 1/2] KVM: VMX: remove I/O port 0x80 bypass on Intel hosts