ALT-PU-2017-2831-1
Package kernel-image-std-def updated to version 4.9.71-alt1.1 for branch sisyphus in task 197396.
Closed vulnerabilities
Published: 2017-12-27
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2017-16995
The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4.4 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect sign extension.
Severity: HIGH (7.8)
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=95a762e2c8c942780948091f8f2a4f32fce1ac6f
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=95a762e2c8c942780948091f8f2a4f32fce1ac6f
- http://openwall.com/lists/oss-security/2017/12/21/2
- http://openwall.com/lists/oss-security/2017/12/21/2
- 102288
- 102288
- https://bugs.chromium.org/p/project-zero/issues/detail?id=1454
- https://bugs.chromium.org/p/project-zero/issues/detail?id=1454
- https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=a6132276ab5dcc38b3299082efeb25b948263adb
- https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=a6132276ab5dcc38b3299082efeb25b948263adb
- https://github.com/torvalds/linux/commit/95a762e2c8c942780948091f8f2a4f32fce1ac6f
- https://github.com/torvalds/linux/commit/95a762e2c8c942780948091f8f2a4f32fce1ac6f
- USN-3619-1
- USN-3619-1
- USN-3619-2
- USN-3619-2
- USN-3633-1
- USN-3633-1
- USN-3523-2
- USN-3523-2
- DSA-4073
- DSA-4073
- 44298
- 44298
- 45010
- 45010
- 45058
- 45058