MEDIUM5.9
Уязвимость функции get_pipe ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
CVSS 3.xСРЕДНЯЯ 5.9
CVSS:3.x/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:HCVSS 2.0ВЫСОКАЯ 7.1
CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C
ALT-PU-2017-2847-1Обновление пакета kernel-image-std-def в ветке p8
Серьёзность:
Закрытые проблемы (4)
MEDIUM5.9
The "get_pipe()" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 allows attackers to cause a denial of service (out-of-bounds read) via a specially crafted USB over IP packet.
CVSS 2.0ВЫСОКАЯ 7.1
CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:CCVSS 3.xСРЕДНЯЯ 5.9
CVSS:3.x/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:HСсылки
- http://www.securityfocus.com/bid/102150
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.8
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.114
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.71
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/drivers/usb/usbip?id=635f545a7e8be7596b9b2b6a43cab6bbd5a88e43
- https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html
- https://secuniaresearch.flexerasoftware.com/advisories/77000/
- https://secuniaresearch.flexerasoftware.com/secunia_research/2017-21/
- https://usn.ubuntu.com/3619-1/
- https://usn.ubuntu.com/3619-2/
- https://usn.ubuntu.com/3754-1/
- https://www.debian.org/security/2018/dsa-4187
- https://www.spinics.net/lists/linux-usb/msg163480.html
- http://www.securityfocus.com/bid/102150
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.8
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.114
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.71
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/drivers/usb/usbip?id=635f545a7e8be7596b9b2b6a43cab6bbd5a88e43
- https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html
- https://secuniaresearch.flexerasoftware.com/advisories/77000/
- https://secuniaresearch.flexerasoftware.com/secunia_research/2017-21/
- https://usn.ubuntu.com/3619-1/
- https://usn.ubuntu.com/3619-2/
- https://usn.ubuntu.com/3754-1/
- https://www.debian.org/security/2018/dsa-4187
- https://www.spinics.net/lists/linux-usb/msg163480.html
HIGH7.8
The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4.4 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect sign extension.
CVSS 2.0ВЫСОКАЯ 7.2
CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:CCVSS 3.xВЫСОКАЯ 7.8
CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HСсылки
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=95a762e2c8c942780948091f8f2a4f32fce1ac6f
- http://openwall.com/lists/oss-security/2017/12/21/2
- http://www.securityfocus.com/bid/102288
- https://bugs.chromium.org/p/project-zero/issues/detail?id=1454
- https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=a6132276ab5dcc38b3299082efeb25b948263adb
- https://github.com/torvalds/linux/commit/95a762e2c8c942780948091f8f2a4f32fce1ac6f
- https://usn.ubuntu.com/3619-1/
- https://usn.ubuntu.com/3619-2/
- https://usn.ubuntu.com/3633-1/
- https://usn.ubuntu.com/usn/usn-3523-2/
- https://www.debian.org/security/2017/dsa-4073
- https://www.exploit-db.com/exploits/44298/
- https://www.exploit-db.com/exploits/45010/
- https://www.exploit-db.com/exploits/45058/
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=95a762e2c8c942780948091f8f2a4f32fce1ac6f
- http://openwall.com/lists/oss-security/2017/12/21/2
- http://www.securityfocus.com/bid/102288
- https://bugs.chromium.org/p/project-zero/issues/detail?id=1454
- https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=a6132276ab5dcc38b3299082efeb25b948263adb
- https://github.com/torvalds/linux/commit/95a762e2c8c942780948091f8f2a4f32fce1ac6f
- https://usn.ubuntu.com/3619-1/
- https://usn.ubuntu.com/3619-2/
- https://usn.ubuntu.com/3633-1/
- https://usn.ubuntu.com/usn/usn-3523-2/
- https://www.debian.org/security/2017/dsa-4073
- https://www.exploit-db.com/exploits/44298/
- https://www.exploit-db.com/exploits/45010/
- https://www.exploit-db.com/exploits/45058/
HIGH7.8
kernel/bpf/verifier.c in the Linux kernel 4.9.x through 4.9.71 does not check the relationship between pointer values and the BPF stack, which allows local users to cause a denial of service (integer overflow or invalid memory access) or possibly have unspecified other impact.
CVSS 2.0ВЫСОКАЯ 7.2
CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:CCVSS 3.xВЫСОКАЯ 7.8
CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HСсылки
- http://www.securityfocus.com/bid/102321
- http://www.securitytracker.com/id/1040058
- https://anonscm.debian.org/cgit/kernel/linux.git/tree/debian/patches/bugfix/all/bpf-reject-out-of-bounds-stack-pointer-calculation.patch?h=stretch-security
- https://usn.ubuntu.com/3523-3/
- https://usn.ubuntu.com/usn/usn-3523-2/
- https://www.debian.org/security/2017/dsa-4073
- https://www.spinics.net/lists/stable/msg206985.html
- http://www.securityfocus.com/bid/102321
- http://www.securitytracker.com/id/1040058
- https://anonscm.debian.org/cgit/kernel/linux.git/tree/debian/patches/bugfix/all/bpf-reject-out-of-bounds-stack-pointer-calculation.patch?h=stretch-security
- https://usn.ubuntu.com/3523-3/
- https://usn.ubuntu.com/usn/usn-3523-2/
- https://www.debian.org/security/2017/dsa-4073
- https://www.spinics.net/lists/stable/msg206985.html