The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Linux

vulnerability CVE-2017-18017

Linux kernel: use after free via tcpmss_mangle_packet

Synthesis of the vulnerability

An attacker can force the usage of a freed memory area via tcpmss_mangle_packet() of the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Impacted products: Debian, Linux, openSUSE Leap, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: administrator access/rights, denial of service on server, denial of service on service.
Provenance: user shell.
Creation date: 04/01/2018.
Identifiers: CERTFR-2018-AVI-075, CERTFR-2018-AVI-080, CERTFR-2018-AVI-104, CERTFR-2018-AVI-119, CERTFR-2018-AVI-161, CERTFR-2018-AVI-196, CERTFR-2018-AVI-197, CERTFR-2018-AVI-228, CERTFR-2018-AVI-259, CVE-2017-18017, DLA-1369-1, DSA-4187-1, openSUSE-SU-2018:0408-1, RHSA-2018:0676-01, RHSA-2018:1062-01, RHSA-2018:1130-01, RHSA-2018:1170-01, RHSA-2018:1319-01, RHSA-2018:1737-01, SUSE-SU-2018:0383-1, SUSE-SU-2018:0416-1, SUSE-SU-2018:0555-1, SUSE-SU-2018:0660-1, SUSE-SU-2018:0834-1, SUSE-SU-2018:0841-1, SUSE-SU-2018:0848-1, SUSE-SU-2018:0986-1, USN-3583-1, USN-3583-2, VIGILANCE-VUL-24940.

Description of the vulnerability

An attacker can force the usage of a freed memory area via tcpmss_mangle_packet() of the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2016-3695

Linux kernel: denial of service via einj_error_inject

Synthesis of the vulnerability

An attacker can generate a fatal error via einj_error_inject() of the Linux kernel, in order to trigger a denial of service.
Impacted products: Linux.
Severity: 1/4.
Consequences: denial of service on service.
Provenance: user shell.
Creation date: 02/01/2018.
Identifiers: 1322755, CVE-2016-3695, VIGILANCE-VUL-24919.

Description of the vulnerability

An attacker can generate a fatal error via einj_error_inject() of the Linux kernel, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2017-17975

Linux kernel: use after free via usbtv_probe

Synthesis of the vulnerability

An attacker can force the usage of a freed memory area via usbtv_probe of the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Impacted products: Debian, Linux, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: administrator access/rights, denial of service on server, denial of service on service.
Provenance: document.
Creation date: 02/01/2018.
Identifiers: CERTFR-2018-AVI-147, CERTFR-2018-AVI-196, CERTFR-2018-AVI-250, CERTFR-2018-AVI-257, CVE-2017-17975, DSA-4188-1, openSUSE-SU-2018:0781-1, SUSE-SU-2018:0785-1, SUSE-SU-2018:0786-1, SUSE-SU-2018:0986-1, USN-3653-1, USN-3653-2, USN-3654-1, USN-3654-2, USN-3656-1, USN-3657-1, VIGILANCE-VUL-24916.

Description of the vulnerability

An attacker can force the usage of a freed memory area via usbtv_probe of the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2017-17852 CVE-2017-17853 CVE-2017-17854

Linux kernel: six vulnerabilities via BPF

Synthesis of the vulnerability

An attacker can use several vulnerabilities via BPF of the Linux kernel.
Impacted products: Fedora, Linux.
Severity: 2/4.
Consequences: administrator access/rights, denial of service on server.
Provenance: user shell.
Number of vulnerabilities in this bulletin: 6.
Creation date: 28/12/2017.
Identifiers: CVE-2017-17852, CVE-2017-17853, CVE-2017-17854, CVE-2017-17855, CVE-2017-17856, CVE-2017-17857, FEDORA-2018-22d5fa8a90, FEDORA-2018-884a105c04, FEDORA-2018-8ed5eff2c0, VIGILANCE-VUL-24896.

Description of the vulnerability

An attacker can use several vulnerabilities via BPF of the Linux kernel.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2017-16996

Linux kernel: denial of service via kernel/bpf/verifier.c

Synthesis of the vulnerability

An attacker can generate a fatal error via kernel/bpf/verifier.c of the Linux kernel, in order to trigger a denial of service.
Impacted products: Linux.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service.
Provenance: user shell.
Creation date: 28/12/2017.
Identifiers: CVE-2017-16996, VIGILANCE-VUL-24893.

Description of the vulnerability

An attacker can generate a fatal error via kernel/bpf/verifier.c of the Linux kernel, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2017-17864

Linux kernel: information disclosure via states_equal

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via states_equal of the Linux kernel, in order to obtain sensitive information.
Impacted products: Debian, Fedora, Linux, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 1/4.
Consequences: data reading.
Provenance: user shell.
Creation date: 28/12/2017.
Identifiers: CERTFR-2018-AVI-017, CERTFR-2018-AVI-049, CERTFR-2018-AVI-075, CERTFR-2018-AVI-080, CERTFR-2018-AVI-196, CVE-2017-17864, DSA-4073-1, FEDORA-2018-22d5fa8a90, FEDORA-2018-884a105c04, FEDORA-2018-8ed5eff2c0, openSUSE-SU-2018:0408-1, SUSE-SU-2018:0383-1, SUSE-SU-2018:0416-1, SUSE-SU-2018:0986-1, USN-3523-1, USN-3523-2, USN-3523-3, USN-3541-1, USN-3541-2, VIGILANCE-VUL-24884.

Description of the vulnerability

An attacker can bypass access restrictions to data via states_equal of the Linux kernel, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2017-17863

Linux kernel: denial of service via kernel/bpf/verifier.c

Synthesis of the vulnerability

An attacker can generate a fatal error via kernel/bpf/verifier.c of the Linux kernel, in order to trigger a denial of service.
Impacted products: Debian, Fedora, Linux, Ubuntu.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service.
Provenance: user shell.
Creation date: 28/12/2017.
Identifiers: CERTFR-2018-AVI-017, CERTFR-2018-AVI-049, CVE-2017-17863, DSA-4073-1, FEDORA-2018-22d5fa8a90, FEDORA-2018-884a105c04, FEDORA-2018-8ed5eff2c0, USN-3523-1, USN-3523-2, USN-3523-3, USN-3541-1, USN-3541-2, VIGILANCE-VUL-24883.

Description of the vulnerability

An attacker can generate a fatal error via kernel/bpf/verifier.c of the Linux kernel, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2017-17862

Linux kernel: denial of service via kernel/bpf/verifier.c

Synthesis of the vulnerability

An attacker can generate a fatal error via kernel/bpf/verifier.c of the Linux kernel, in order to trigger a denial of service.
Impacted products: Debian, Fedora, Linux, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service.
Provenance: user shell.
Creation date: 28/12/2017.
Identifiers: CERTFR-2018-AVI-017, CERTFR-2018-AVI-049, CERTFR-2018-AVI-075, CERTFR-2018-AVI-080, CERTFR-2018-AVI-170, CERTFR-2018-AVI-196, CVE-2017-17862, DSA-4073-1, FEDORA-2018-22d5fa8a90, FEDORA-2018-884a105c04, FEDORA-2018-8ed5eff2c0, openSUSE-SU-2018:0408-1, SUSE-SU-2018:0383-1, SUSE-SU-2018:0416-1, SUSE-SU-2018:0986-1, USN-3523-1, USN-3523-2, USN-3523-3, USN-3541-1, USN-3541-2, USN-3619-1, USN-3619-2, VIGILANCE-VUL-24882.

Description of the vulnerability

An attacker can generate a fatal error via kernel/bpf/verifier.c of the Linux kernel, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2017-17807

Linux kernel: privilege escalation via construct_get_dest_keyring

Synthesis of the vulnerability

An attacker can bypass restrictions via construct_get_dest_keyring() of the Linux kernel, in order to escalate his privileges.
Impacted products: Debian, Android OS, Linux, Ubuntu.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: user shell.
Creation date: 21/12/2017.
Identifiers: CERTFR-2018-AVI-018, CERTFR-2018-AVI-165, CERTFR-2018-AVI-170, CERTFR-2018-AVI-198, CVE-2017-17807, DLA-1232-1, DSA-4073-1, DSA-4082-1, USN-3617-1, USN-3617-2, USN-3617-3, USN-3619-1, USN-3619-2, USN-3620-1, USN-3620-2, USN-3632-1, VIGILANCE-VUL-24872.

Description of the vulnerability

An attacker can bypass restrictions via construct_get_dest_keyring() of the Linux kernel, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2017-17806

Linux kernel: buffer overflow via HMAC

Synthesis of the vulnerability

An attacker can generate a buffer overflow via HMAC of the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Impacted products: Debian, Android OS, Linux, openSUSE Leap, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: administrator access/rights, denial of service on server, denial of service on service.
Provenance: user shell.
Creation date: 21/12/2017.
Identifiers: CERTFR-2018-AVI-005, CERTFR-2018-AVI-014, CERTFR-2018-AVI-018, CERTFR-2018-AVI-029, CERTFR-2018-AVI-048, CERTFR-2018-AVI-083, CERTFR-2018-AVI-165, CERTFR-2018-AVI-170, CERTFR-2018-AVI-198, CVE-2017-17806, DLA-1232-1, DSA-4073-1, DSA-4082-1, openSUSE-SU-2018:0022-1, openSUSE-SU-2018:0023-1, RHSA-2018:2948-01, SUSE-SU-2018:0010-1, SUSE-SU-2018:0011-1, SUSE-SU-2018:0012-1, SUSE-SU-2018:0040-1, SUSE-SU-2018:0069-1, SUSE-SU-2018:0131-1, SUSE-SU-2018:0171-1, SUSE-SU-2018:0437-1, SUSE-SU-2018:0525-1, USN-3583-1, USN-3583-2, USN-3617-1, USN-3617-2, USN-3617-3, USN-3619-1, USN-3619-2, USN-3632-1, VIGILANCE-VUL-24871.

Description of the vulnerability

An attacker can generate a buffer overflow via HMAC of the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Linux: