[USN-3293-1] Linux kernel vulnerabilities
Several security issues were fixed in the kernel.
Dmitry Vyukov discovered that KVM implementation in the Linux kernel
improperly emulated the VMXON instruction. A local attacker in a guest OS
could use this to cause a denial of service (memory consumption) in the
host OS. (CVE-2017-2596)
Dmitry Vyukov discovered that the generic SCSI (sg) subsystem in the Linux
kernel contained a stack-based buffer overflow. A local attacker with
access to an sg device could use this to cause a denial of service (system
crash) or possibly execute arbitrary code. (CVE-2017-7187)
It was discovered that a NULL pointer dereference existed in the Direct
Rendering Manager (DRM) driver for VMWare devices in the Linux kernel. A
local attacker could use this to cause a denial of service (system crash).
(CVE-2017-7261)
Li Qiang discovered that an integer overflow vulnerability existed in the
Direct Rendering Manager (DRM) driver for VMWare devices in the Linux
kernel. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2017-7294)
Jason Donenfeld discovered a heap overflow in the MACsec module in the
Linux kernel. An attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2017-7477)
It was discovered that an information leak existed in the set_mempolicy and
mbind compat syscalls in the Linux kernel. A local attacker could use this
to expose sensitive information (kernel memory). (CVE-2017-7616)
- ID
- USN-3293-1
- Severity
- high
- Severity from
- CVE-2017-7187
- URL
- https://ubuntu.com/security/notices/USN-3293-1
- Published
-
2017-05-17T01:25:05
(7 years ago) - Modified
-
2017-05-17T01:25:05
(7 years ago) - Other Advisories
-
- ALAS-2017-828
- DSA-3791-1
- ELSA-2017-1615
- ELSA-2017-1842
- ELSA-2017-3533
- ELSA-2017-3534
- ELSA-2017-3535
- ELSA-2017-3589
- ELSA-2018-1062
- ELSA-2018-1854
- ELSA-2018-4108
- ELSA-2018-4161
- ELSA-2018-4164
- ELSA-2018-4172
- ELSA-2020-5671
- FEDORA-2017-02174df32f
- FEDORA-2017-0aa0f69e0c
- FEDORA-2017-17d1c05236
- FEDORA-2017-26c9ecd7a4
- FEDORA-2017-3456ba4c93
- FEDORA-2017-392b319bb5
- FEDORA-2017-3a9ec92dd6
- FEDORA-2017-472052ebe5
- FEDORA-2017-502cf68d68
- FEDORA-2017-8e7549fb91
- FEDORA-2017-93dec9eba5
- FEDORA-2017-9b50e28441
- RHSA-2017:1615
- RHSA-2017:1616
- RHSA-2017:1842
- RHSA-2017:2077
- RHSA-2018:0676
- RHSA-2018:1062
- RHSA-2018:1854
- SUSE-SU-2017:1059-1
- SUSE-SU-2017:1060-1
- SUSE-SU-2017:1064-1
- SUSE-SU-2017:1183-1
- SUSE-SU-2017:1247-1
- SUSE-SU-2017:1277-1
- SUSE-SU-2017:1279-1
- SUSE-SU-2017:1280-1
- SUSE-SU-2017:1283-1
- SUSE-SU-2017:1284-1
- SUSE-SU-2017:1288-1
- SUSE-SU-2017:1289-1
- SUSE-SU-2017:1290-1
- SUSE-SU-2017:1293-1
- SUSE-SU-2017:1294-1
- SUSE-SU-2017:1295-1
- SUSE-SU-2017:1297-1
- SUSE-SU-2017:1301-1
- SUSE-SU-2017:1303-1
- SUSE-SU-2017:1308-1
- SUSE-SU-2017:1360-1
- SUSE-SU-2017:1853-1
- SUSE-SU-2017:1990-1
- SUSE-SU-2017:2342-1
- SUSE-SU-2017:2525-1
- USN-3291-1
- USN-3291-2
- USN-3291-3
- USN-3292-1
- USN-3292-2
- USN-3312-1
- USN-3312-2
- USN-3342-1
- USN-3342-2
- USN-3343-1
- USN-3343-2
- USN-3361-1
- USN-3406-1
- USN-3406-2
- USN-3422-1
- USN-3422-2
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |