[USN-3443-1] Linux kernel vulnerabilities
Severity
Medium
CVEs
2
Several security issues were fixed in the Linux kernel.
It was discovered that on the PowerPC architecture, the kernel did not
properly sanitize the signal stack when handling sigreturn(). A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2017-1000255)
Andrey Konovalov discovered that a divide-by-zero error existed in the TCP
stack implementation in the Linux kernel. A local attacker could use this
to cause a denial of service (system crash). (CVE-2017-14106)
- ID
- USN-3443-1
- Severity
- medium
- Severity from
- CVE-2017-1000255
- URL
- https://ubuntu.com/security/notices/USN-3443-1
- Published
-
2017-10-10T17:19:49
(7 years ago) - Modified
-
2017-10-10T17:19:49
(7 years ago) - Other Advisories
-
-
ALAS-2017-925
-
DSA-3981-1
-
ELSA-2017-2930
-
ELSA-2017-3200
-
ELSA-2017-3635
-
ELSA-2018-4040
-
ELSA-2018-4041
-
ELSA-2018-4235
-
FEDORA-2017-aa9927961f
-
FEDORA-2017-c110ac0eb1
-
FEDORA-2017-cafcdbdde5
-
FEDORA-2018-4ca01704a2
-
FEDORA-2018-6367a17aa3
-
FEDORA-2018-884a105c04
-
RHSA-2017:2930
-
RHSA-2017:2931
-
RHSA-2017:3200
-
SUSE-SU-2017:2847-1
-
SUSE-SU-2017:2869-1
-
SUSE-SU-2017:2908-1
-
SUSE-SU-2017:2920-1
-
SUSE-SU-2017:2956-1
-
SUSE-SU-2018:0011-1
-
SUSE-SU-2018:0040-1
-
SUSE-SU-2018:0180-1
-
USN-3443-2
-
USN-3443-3
-
USN-3444-1
-
USN-3444-2
-
USN-3445-1
-
USN-3445-2
-
USN-3487-1
-
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |