1. Home
  2. Vulnerabilities
  3. CVE-2017-16994

CVE-2017-16994

CVSS v3.0 5.5 (Medium)
55% Progress
CVSS v2.0 2.1 (Low)
21% Progress
EPSS 0.04 % (11th)
0.04% Progress
Affected Products 1
Advisories 14
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

The walk_hugetlb_range function in mm/pagewalk.c in the Linux kernel before 4.14.2 mishandles holes in hugetlb ranges, which allows local users to obtain sensitive information from uninitialized kernel memory via crafted use of the mincore() system call.

Weaknesses
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE Status
PUBLISHED
CNA
MITRE
Published Date
2017-11-27 19:29:00
(6 years ago)
Updated Date
2018-04-25 01:29:02
(6 years ago)

Affected Products

Linux

Configuration #1

    CPE23 From Up To
  Linux Kernel prior 4.14.2 version cpe:2.3:o:linux:linux_kernel < 4.14.2