[USN-3377-1] Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel.
Fan Wu and Shixiong Zhao discovered a race condition between inotify events
and vfs rename operations in the Linux kernel. An unprivileged local
attacker could use this to cause a denial of service (system crash) or
execute arbitrary code. (CVE-2017-7533)
It was discovered that the Linux kernel did not properly restrict
RLIMIT_STACK size. A local attacker could use this in conjunction with
another vulnerability to possibly execute arbitrary code.
(CVE-2017-1000365)
李强 discovered that the Virtio GPU driver in the Linux kernel did not
properly free memory in some situations. A local attacker could use this to
cause a denial of service (memory consumption). (CVE-2017-10810)
石磊 discovered that the RxRPC Kerberos 5 ticket handling code in the
Linux kernel did not properly verify metadata. A remote attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2017-7482)
- ID
- USN-3377-1
- Severity
- high
- Severity from
- CVE-2017-1000365
- URL
- https://ubuntu.com/security/notices/USN-3377-1
- Published
-
2017-08-03T16:23:15
(7 years ago) - Modified
-
2017-08-03T16:23:15
(7 years ago) - Other Advisories
-
- ALAS-2017-870
- DSA-3927-1
- DSA-3945-1
- ELSA-2017-2473
- ELSA-2017-3605
- ELSA-2017-3609
- ELSA-2017-3621
- ELSA-2017-3622
- ELSA-2017-3635
- ELSA-2018-4040
- ELSA-2018-4041
- FEDORA-2017-5ce9d89b82
- FEDORA-2017-73f71456d7
- FEDORA-2017-adc7d95627
- FEDORA-2017-e8bdc4ede0
- FEDORA-2017-f2f29441f9
- FEDORA-2018-4ca01704a2
- FEDORA-2018-6367a17aa3
- FEDORA-2018-884a105c04
- RHSA-2017:2473
- RHSA-2017:2585
- SSA:2017-177-01
- SSA:2017-180-01
- SSA:2017-181-02
- SSA:2017-184-01
- SUSE-SU-2017:1853-1
- SUSE-SU-2017:1990-1
- SUSE-SU-2017:2041-1
- SUSE-SU-2017:2042-1
- SUSE-SU-2017:2043-1
- SUSE-SU-2017:2046-1
- SUSE-SU-2017:2049-1
- SUSE-SU-2017:2060-1
- SUSE-SU-2017:2061-1
- SUSE-SU-2017:2062-1
- SUSE-SU-2017:2063-1
- SUSE-SU-2017:2064-1
- SUSE-SU-2017:2065-1
- SUSE-SU-2017:2066-1
- SUSE-SU-2017:2067-1
- SUSE-SU-2017:2068-1
- SUSE-SU-2017:2069-1
- SUSE-SU-2017:2070-1
- SUSE-SU-2017:2072-1
- SUSE-SU-2017:2073-1
- SUSE-SU-2017:2074-1
- SUSE-SU-2017:2088-1
- SUSE-SU-2017:2089-1
- SUSE-SU-2017:2090-1
- SUSE-SU-2017:2091-1
- SUSE-SU-2017:2092-1
- SUSE-SU-2017:2093-1
- SUSE-SU-2017:2094-1
- SUSE-SU-2017:2095-1
- SUSE-SU-2017:2096-1
- SUSE-SU-2017:2098-1
- SUSE-SU-2017:2099-1
- SUSE-SU-2017:2100-1
- SUSE-SU-2017:2102-1
- SUSE-SU-2017:2103-1
- SUSE-SU-2017:2114-1
- SUSE-SU-2017:2286-1
- SUSE-SU-2017:2342-1
- SUSE-SU-2017:2389-1
- SUSE-SU-2017:2525-1
- SUSE-SU-2017:2869-1
- SUSE-SU-2017:2908-1
- SUSE-SU-2017:2920-1
- SUSE-SU-2017:2956-1
- SUSE-SU-2017:3398-1
- SUSE-SU-2017:3410-1
- SUSE-SU-2018:0213-1
- SUSE-SU-2018:0509-1
- USN-3377-2
- USN-3378-1
- USN-3378-2
- USN-3381-1
- USN-3381-2
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |