Все бюллетени/sisyphus/ALT-PU-2017-2802-1
ALT-PU-2017-2802-1

Обновление пакета kernel-image-un-def в ветке sisyphus

Версия4.14.6-alt1
Задание#196815
Опубликовано2017-12-15
Макс. серьёзностьHIGH
Серьёзность:

Закрытые проблемы (4)

CVE-2017-0861
HIGH7.8

Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors.

Опубликовано: 2017-11-16Изменено: 2025-04-20
CVSS 2.0СРЕДНЯЯ 4.6
CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P
CVSS 3.xВЫСОКАЯ 7.8
CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Ссылки
CVE-2017-1000407
HIGH7.4

The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic.

Опубликовано: 2017-12-11Изменено: 2025-04-20
CVSS 2.0СРЕДНЯЯ 6.1
CVSS:2.0/AV:A/AC:L/Au:N/C:N/I:N/A:C
CVSS 3.xВЫСОКАЯ 7.4
CVSS:3.x/CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Ссылки
CVE-2017-17558
MEDIUM6.6

The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel through 4.14.5 does not consider the maximum number of configurations and interfaces before attempting to release resources, which allows local users to cause a denial of service (out-of-bounds write access) or possibly have unspecified other impact via a crafted USB device.

Опубликовано: 2017-12-12Изменено: 2025-04-20
CVSS 2.0ВЫСОКАЯ 7.2
CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS 3.xСРЕДНЯЯ 6.6
CVSS:3.x/CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Ссылки
CVE-2017-17807
LOW3.3

The KEYS subsystem in the Linux kernel before 4.14.6 omitted an access-control check when adding a key to the current task's "default request-key keyring" via the request_key() system call, allowing a local user to use a sequence of crafted system calls to add keys to a keyring with only Search permission (not Write permission) to that keyring, related to construct_get_dest_keyring() in security/keys/request_key.c.

Опубликовано: 2017-12-20Изменено: 2025-04-20
CVSS 2.0НИЗКАЯ 2.1
CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:P/A:N
CVSS 3.xНИЗКАЯ 3.3
CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Ссылки