CVE-2017-1699
CVSS3.6
发布时间 :2018-01-04 12:29:00
修订时间 :2018-01-12 15:00:52
NMPS    

[原文]IBM MQ Managed File Transfer Agent 8.0 and 9.0 sets insecure permissions on certain files it creates. A local attacker could exploit this vulnerability to modify or delete data contained in the files with an unknown impact. IBM X-Force ID: 134391.


[CNNVD]CNNVD数据暂缺。


[机译]译文暂缺.

- CVSS (基础分值)

CVSS分值: 3.6 [轻微(LOW)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CWE (弱点类目)

CWE-264 [权限、特权与访问控制]

- CPE (受影响的平台与产品)

cpe:/a:ibm:websphere_mq:8.0
cpe:/a:ibm:websphere_mq:8.0.0.1
cpe:/a:ibm:websphere_mq:8.0.0.2
cpe:/a:ibm:websphere_mq:8.0.0.3
cpe:/a:ibm:websphere_mq:8.0.0.4
cpe:/a:ibm:websphere_mq:8.0.0.5
cpe:/a:ibm:websphere_mq:8.0.0.6
cpe:/a:ibm:websphere_mq:9.0
cpe:/a:ibm:websphere_mq:9.0.0.1
cpe:/a:ibm:websphere_mq:9.0.1
cpe:/a:ibm:websphere_mq:9.0.2
cpe:/a:ibm:websphere_mq:9.0.3

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1699
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-1699
(官方数据源) NVD

- 其它链接及资源

http://www.ibm.com/support/docview.wss?uid=swg22010340
(VENDOR_ADVISORY)  CONFIRM  http://www.ibm.com/support/docview.wss?uid=swg22010340
https://exchange.xforce.ibmcloud.com/vulnerabilities/134391
(VENDOR_ADVISORY)  MISC  https://exchange.xforce.ibmcloud.com/vulnerabilities/134391

- 漏洞信息 (F145793)

Ubuntu Security Notice USN-3523-1 (PacketStormID:F145793)
2018-01-10 00:00:00
Ubuntu  security.ubuntu.com
advisory,denial of service,arbitrary,kernel,local
linux,ubuntu
CVE-2017-16995,CVE-2017-17862,CVE-2017-17863,CVE-2017-17864,CVE-2017-5754
[点击下载]

Ubuntu Security Notice 3523-1 - Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory. Jann Horn discovered that the Berkeley Packet Filter implementation in the Linux kernel did not properly check the relationship between pointer values and the BPF stack. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

==========================================================================
Ubuntu Security Notice USN-3523-1
January 09, 2018

linux vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 17.10

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux: Linux kernel

Details:

Jann Horn discovered that microprocessors utilizing speculative execution
and indirect branch prediction may allow unauthorized memory reads via
sidechannel attacks. This flaw is known as Meltdown. A local attacker could
use this to expose sensitive information, including kernel memory.
(CVE-2017-5754)

Jann Horn discovered that the Berkeley Packet Filter (BPF) implementation
in the Linux kernel did not properly check the relationship between pointer
values and the BPF stack. A local attacker could use this to cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2017-17863)

Jann Horn discovered that the Berkeley Packet Filter (BPF) implementation
in the Linux kernel improperly performed sign extension in some situations.
A local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2017-16995)

Alexei Starovoitov discovered that the Berkeley Packet Filter (BPF)
implementation in the Linux kernel contained a branch-pruning logic issue
around unreachable code. A local attacker could use this to cause a denial
of service. (CVE-2017-17862)

Jann Horn discovered that the Berkeley Packet Filter (BPF) implementation
in the Linux kernel mishandled pointer data values in some situations. A
local attacker could use this to to expose sensitive information (kernel
memory). (CVE-2017-17864)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 17.10:
  linux-image-4.13.0-25-generic   4.13.0-25.29
  linux-image-4.13.0-25-lowlatency  4.13.0-25.29
  linux-image-generic             4.13.0.25.26
  linux-image-lowlatency          4.13.0.25.26

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
  https://www.ubuntu.com/usn/usn-3523-1
  CVE-2017-16995, CVE-2017-17862, CVE-2017-17863, CVE-2017-17864,
  CVE-2017-5754

Package Information:
  https://launchpad.net/ubuntu/+source/linux/4.13.0-25.29


    

- 漏洞信息 (F145820)

Ubuntu Security Notice USN-3523-3 (PacketStormID:F145820)
2018-01-11 00:00:00
Ubuntu  security.ubuntu.com
advisory,denial of service,arbitrary,kernel,local
linux,ubuntu
CVE-2017-16995,CVE-2017-17862,CVE-2017-17863,CVE-2017-17864
[点击下载]

Ubuntu Security Notice 3523-3 - Jann Horn discovered that the Berkeley Packet Filter implementation in the Linux kernel did not properly check the relationship between pointer values and the BPF stack. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Jann Horn discovered that the Berkeley Packet Filter implementation in the Linux kernel improperly performed sign extension in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

==========================================================================
Ubuntu Security Notice USN-3523-3
January 10, 2018

linux-raspi2 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 17.10

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-raspi2: Linux kernel for Raspberry Pi 2

Details:

Jann Horn discovered that the Berkeley Packet Filter (BPF) implementation
in the Linux kernel did not properly check the relationship between pointer
values and the BPF stack. A local attacker could use this to cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2017-17863)

Jann Horn discovered that the Berkeley Packet Filter (BPF) implementation
in the Linux kernel improperly performed sign extension in some situations.
A local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2017-16995)

Alexei Starovoitov discovered that the Berkeley Packet Filter (BPF)
implementation in the Linux kernel contained a branch-pruning logic issue
around unreachable code. A local attacker could use this to cause a denial
of service. (CVE-2017-17862)

Jann Horn discovered that the Berkeley Packet Filter (BPF) implementation
in the Linux kernel mishandled pointer data values in some situations. A
local attacker could use this to to expose sensitive information (kernel
memory). (CVE-2017-17864)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 17.10:
  linux-image-4.13.0-1011-raspi2  4.13.0-1011.11
  linux-image-raspi2              4.13.0.1011.9

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
  https://www.ubuntu.com/usn/usn-3523-3
  https://www.ubuntu.com/usn/usn-3523-1
  CVE-2017-16995, CVE-2017-17862, CVE-2017-17863, CVE-2017-17864

Package Information:
  https://launchpad.net/ubuntu/+source/linux-raspi2/4.13.0-1011.11

    

- 漏洞信息 (F145819)

Ubuntu Security Notice USN-3532-2 (PacketStormID:F145819)
2018-01-11 00:00:00
Ubuntu  security.ubuntu.com
advisory,kernel,local,vulnerability
linux,ubuntu
CVE-2017-16995,CVE-2017-17862,CVE-2017-17863,CVE-2017-17864,CVE-2017-5754
[点击下载]

Ubuntu Security Notice 3532-2 - USN-3523-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory. Various other issues were also addressed.

==========================================================================
Ubuntu Security Notice USN-3523-2
January 10, 2018

linux-hwe, linux-azure, linux-gcp, linux-oem vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-azure: Linux kernel for Microsoft Azure Cloud systems
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-hwe: Linux hardware enablement (HWE) kernel
- linux-oem: Linux kernel for OEM processors

Details:

USN-3523-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10.
This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 17.10 for Ubuntu
16.04 LTS.

Jann Horn discovered that microprocessors utilizing speculative execution
and indirect branch prediction may allow unauthorized memory reads via
sidechannel attacks. This flaw is known as Meltdown. A local attacker could
use this to expose sensitive information, including kernel memory.
(CVE-2017-5754)

Jann Horn discovered that the Berkeley Packet Filter (BPF) implementation
in the Linux kernel did not properly check the relationship between pointer
values and the BPF stack. A local attacker could use this to cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2017-17863)

Jann Horn discovered that the Berkeley Packet Filter (BPF) implementation
in the Linux kernel improperly performed sign extension in some situations.
A local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2017-16995)

Alexei Starovoitov discovered that the Berkeley Packet Filter (BPF)
implementation in the Linux kernel contained a branch-pruning logic issue
around unreachable code. A local attacker could use this to cause a denial
of service. (CVE-2017-17862)

Jann Horn discovered that the Berkeley Packet Filter (BPF) implementation
in the Linux kernel mishandled pointer data values in some situations. A
local attacker could use this to to expose sensitive information (kernel
memory). (CVE-2017-17864)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
  linux-image-4.13.0-1005-azure   4.13.0-1005.7
  linux-image-4.13.0-1006-gcp     4.13.0-1006.9
  linux-image-4.13.0-1015-oem     4.13.0-1015.16
  linux-image-4.13.0-26-generic   4.13.0-26.29~16.04.2
  linux-image-4.13.0-26-generic-lpae  4.13.0-26.29~16.04.2
  linux-image-4.13.0-26-lowlatency  4.13.0-26.29~16.04.2
  linux-image-azure               4.13.0.1005.6
  linux-image-gcp                 4.13.0.1006.8
  linux-image-generic-hwe-16.04   4.13.0.26.46
  linux-image-generic-lpae-hwe-16.04  4.13.0.26.46
  linux-image-gke                 4.13.0.1006.8
  linux-image-lowlatency-hwe-16.04  4.13.0.26.46
  linux-image-oem                 4.13.0.1015.18

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
  https://www.ubuntu.com/usn/usn-3523-2
  https://www.ubuntu.com/usn/usn-3523-1
  CVE-2017-16995, CVE-2017-17862, CVE-2017-17863, CVE-2017-17864,
  CVE-2017-5754

Package Information:
  https://launchpad.net/ubuntu/+source/linux-azure/4.13.0-1005.7
  https://launchpad.net/ubuntu/+source/linux-gcp/4.13.0-1006.9
  https://launchpad.net/ubuntu/+source/linux-hwe/4.13.0-26.29~16.04.2
  https://launchpad.net/ubuntu/+source/linux-oem/4.13.0-1015.16

    

- 漏洞信息

Linux Kernel 'mm/pagewalk.c' Local Information Disclosure Vulnerability
Design Error 101969
No Yes
2017-11-15 12:00:00 2017-11-28 03:09:00
Jann Horn

- 受影响的程序版本

Linux kernel 4.13.11
Linux kernel 4.13.10
Linux kernel 4.13.6
Linux kernel 4.13.4
Linux kernel 4.13.3
Linux kernel 4.12.3
Linux kernel 4.12.2
Linux kernel 4.11.9
Linux kernel 4.11.5
Linux kernel 4.11.4
Linux kernel 4.11.3
Linux kernel 4.11.2
Linux kernel 4.11.1
Linux kernel 4.11
Linux kernel 4.10.15
Linux kernel 4.10.13
Linux kernel 4.10.12
Linux kernel 4.10.10
Linux kernel 4.10.6
Linux kernel 4.10.4
Linux kernel 4.10
Linux kernel 4.7.4
Linux kernel 4.4.30
Linux kernel 4.4.29
Linux kernel 4.4.28
Linux kernel 4.4.27
Linux kernel 4.4.25
Linux kernel 4.4.24
+ SuSE Linux 7.2
Linux kernel 4.4.23
Linux kernel 4.4.22
Linux kernel 4.4.7
Linux kernel 4.4.2
Linux kernel 4.2.3
Linux kernel 4.1.4
Linux kernel 4.1.1
Linux kernel 4.0.6
Linux kernel 3.19.3
Linux kernel 3.18.22
Linux kernel 3.18.17
Linux kernel 3.18.11
Linux kernel 3.18.8
Linux kernel 3.18.7
Linux kernel 3.18.3
Linux kernel 3.18.2
Linux kernel 3.18.1
Linux kernel 3.17.4
Linux kernel 3.17.2
Linux kernel 3.16.7
Linux kernel 3.16.2
Linux kernel 3.16.1
Linux kernel 3.15.10
Linux kernel 3.15.5
Linux kernel 3.15.2
Linux kernel 3.14.54
Linux kernel 3.14.45
Linux kernel 3.14.37
Linux kernel 3.14.4
Linux kernel 3.14.3
Linux kernel 3.14.2
Linux kernel 3.13.11
Linux kernel 3.13.9
Linux kernel 3.13.3
Linux kernel 3.13.1
Linux kernel 3.12.49
Linux kernel 3.12.48
Linux kernel 3.12.44
Linux kernel 3.12.40
Linux kernel 3.12.21
Linux kernel 3.12.18
Linux kernel 3.12.17
Linux kernel 3.12.16
Linux kernel 3.12.11
Linux kernel 3.12.7
Linux kernel 3.12.4
Linux kernel 3.12.3
Linux kernel 3.12.2
Linux kernel 3.11.3
Linux kernel 3.10.90
Linux kernel 3.10.81
Linux kernel 3.10.73
Linux kernel 3.10.45
Linux kernel 3.10.41
Linux kernel 3.10.38
Linux kernel 3.10.37
Linux kernel 3.10.36
Linux kernel 3.10.30
Linux kernel 3.10.27
Linux kernel 3.10.26
Linux kernel 3.10.23
Linux kernel 3.10.22
Linux kernel 3.10.21
Linux kernel 3.10.14
Linux kernel 3.10.10
Linux kernel 3.10.9
Linux kernel 3.10.7
Linux kernel 3.10
Linux kernel 3.8.9
Linux kernel 3.8.6
Linux kernel 3.8.5
Linux kernel 3.8.4
Linux kernel 3.8.2
Linux kernel 3.8.1
Linux kernel 3.7.10
Linux kernel 3.7.9
Linux kernel 3.7.8
Linux kernel 3.7.7
Linux kernel 3.7.5
Linux kernel 3.7.4
Linux kernel 3.7.3
Linux kernel 3.7.2
Linux kernel 3.7.1
Linux kernel 3.6.11
Linux kernel 3.6.10
Linux kernel 3.6.9
Linux kernel 3.6.8
Linux kernel 3.6.7
Linux kernel 3.6.6
Linux kernel 3.6.5
Linux kernel 3.6.4
Linux kernel 3.6.3
Linux kernel 3.6.2
Linux kernel 3.6.1
Linux kernel 3.5.7
Linux kernel 3.5.6
Linux kernel 3.5.5
Linux kernel 3.5.4
Linux kernel 3.5.3
Linux kernel 3.5.2
Linux kernel 3.5.1
Linux kernel 3.4.88
Linux kernel 3.4.87
Linux kernel 3.4.86
Linux kernel 3.4.80
Linux kernel 3.4.76
Linux kernel 3.4.73
Linux kernel 3.4.72
Linux kernel 3.4.71
Linux kernel 3.4.64
Linux kernel 3.4.58
Linux kernel 3.4.42
Linux kernel 3.4.36
Linux kernel 3.4.32
Linux kernel 3.4.31
Linux kernel 3.4.27
Linux kernel 3.4.26
Linux kernel 3.4.25
Linux kernel 3.4.21
Linux kernel 3.4.20
Linux kernel 3.4.19
Linux kernel 3.4.18
Linux kernel 3.4.17
Linux kernel 3.4.16
Linux kernel 3.4.15
Linux kernel 3.4.14
Linux kernel 3.4.13
Linux kernel 3.4.12
Linux kernel 3.4.11
Linux kernel 3.4.10
Linux kernel 3.4.9
Linux kernel 3.4.8
Linux kernel 3.4.7
Linux kernel 3.4.6
Linux kernel 3.4.5
Linux kernel 3.4.4
Linux kernel 3.4.3
Linux kernel 3.4.2
Linux kernel 3.4.1
Linux kernel 3.3.5
Linux kernel 3.3.4
Linux kernel 3.3.2
Linux kernel 3.2.82
Linux kernel 3.2.72
Linux kernel 3.2.62
Linux kernel 3.2.57
Linux kernel 3.2.56
Linux kernel 3.2.51
Linux kernel 3.2.24
Linux kernel 3.2.23
Linux kernel 3.2.13
Linux kernel 3.2.12
Linux kernel 3.2.9
Linux kernel 3.2.1
Linux kernel 3.1.8
Linux kernel 3.0.98
Linux kernel 3.0.75
Linux kernel 3.0.72
Linux kernel 3.0.69
Linux kernel 3.0.65
Linux kernel 3.0.60
Linux kernel 3.0.59
Linux kernel 3.0.58
Linux kernel 3.0.37
Linux kernel 3.0.34
Linux kernel 3.0.5
Linux kernel 3.0.4
Linux kernel 3.0.2
Linux kernel 3.0.1
Linux kernel 2.6.27 6
Linux kernel 2.6.27 3
Linux kernel 2.6.27 12
Linux kernel 2.6.27 .8
Linux kernel 2.6.27 .5
Linux kernel 2.6.27 .46
Linux kernel 2.6.27 .24
Linux kernel 2.6.24 .2
Linux kernel 2.6.24 .1
Linux kernel 2.6.24
Linux kernel 2.6.23 .7
Linux kernel 2.6.23 .6
Linux kernel 2.6.23 .5
Linux kernel 2.6.23 .4
Linux kernel 2.6.23 .3
Linux kernel 2.6.23 .2
Linux kernel 2.6.23
Linux kernel 2.6.22 .8
Linux kernel 2.6.22 .7
Linux kernel 2.6.22 .6
Linux kernel 2.6.22 .5
Linux kernel 2.6.22 .4
Linux kernel 2.6.22 .3
Linux kernel 2.6.22 .2
Linux kernel 2.6.22 .17
Linux kernel 2.6.22 .16
Linux kernel 2.6.22 .15
Linux kernel 2.6.22 .14
Linux kernel 2.6.22 .13
Linux kernel 2.6.22 .12
Linux kernel 2.6.21 4
Linux kernel 2.6.21 .7
Linux kernel 2.6.21 .6
Linux kernel 2.6.21 .3
Linux kernel 2.6.21 .2
Linux kernel 2.6.21 .1
Linux kernel 2.6.21
Linux kernel 2.6.18 .7
Linux kernel 2.6.18 .6
Linux kernel 2.6.18 .5
Linux kernel 2.6.18 .4
Linux kernel 2.6.18 .3
Linux kernel 2.6.18 .2
Linux kernel 2.6.18 .1
Linux kernel 2.6.17 .9
Linux kernel 2.6.17 .8
Linux kernel 2.6.17 .7
Linux kernel 2.6.17 .6
Linux kernel 2.6.17 .5
Linux kernel 2.6.17 .4
Linux kernel 2.6.17 .3
Linux kernel 2.6.17 .2
Linux kernel 2.6.17 .14
Linux kernel 2.6.17 .13
Linux kernel 2.6.17 .12
Linux kernel 2.6.17 .11
Linux kernel 2.6.17 .10
Linux kernel 2.6.17 .1
Linux kernel 2.6.17
Linux kernel 2.6.16 27
Linux kernel 2.6.16 13
Linux kernel 2.6.16 .9
Linux kernel 2.6.16 .8
Linux kernel 2.6.16 .7
Linux kernel 2.6.16 .6
Linux kernel 2.6.16 .53
Linux kernel 2.6.16 .52
Linux kernel 2.6.16 .51
Linux kernel 2.6.16 .50
Linux kernel 2.6.16 .5
Linux kernel 2.6.16 .49
Linux kernel 2.6.16 .48
Linux kernel 2.6.16 .47
Linux kernel 2.6.16 .46
Linux kernel 2.6.16 .45
Linux kernel 2.6.16 .44
Linux kernel 2.6.16 .43
Linux kernel 2.6.16 .41
Linux kernel 2.6.16 .40
Linux kernel 2.6.16 .4
Linux kernel 2.6.16 .39
Linux kernel 2.6.16 .38
Linux kernel 2.6.16 .37
Linux kernel 2.6.16 .36
Linux kernel 2.6.16 .35
Linux kernel 2.6.16 .34
Linux kernel 2.6.16 .33
Linux kernel 2.6.16 .32
Linux kernel 2.6.16 .31
Linux kernel 2.6.16 .30
Linux kernel 2.6.16 .3
Linux kernel 2.6.16 .29
Linux kernel 2.6.16 .28
Linux kernel 2.6.16 .27
Linux kernel 2.6.16 .26
Linux kernel 2.6.16 .25
Linux kernel 2.6.16 .24
Linux kernel 2.6.16 .23
Linux kernel 2.6.16 .22
Linux kernel 2.6.15 .7
Linux kernel 2.6.15 .6
Linux kernel 2.6.15 .4
Linux kernel 2.6.15 .3
Linux kernel 2.6.15 .2
Linux kernel 2.6.15 .1
Linux kernel 2.6.15
Linux kernel 2.6.14 .7
Linux kernel 2.6.14 .6
Linux kernel 2.6.14 .5
Linux kernel 2.6.14 .4
Linux kernel 2.6.14 .3
Linux kernel 2.6.14 .2
Linux kernel 2.6.14 .1
Linux kernel 2.6.14
Linux kernel 2.6.13 .5
Linux kernel 2.6.13 .4
Linux kernel 2.6.13 .3
Linux kernel 2.6.13 .2
Linux kernel 2.6.13 .1
Linux kernel 2.6.13
Linux kernel 2.6.12 .6
Linux kernel 2.6.12 .5
Linux kernel 2.6.12 .4
Linux kernel 2.6.12 .3
Linux kernel 2.6.12 .22
Linux kernel 2.6.12 .2
Linux kernel 2.6.12 .12
Linux kernel 2.6.12 .1
Linux kernel 2.6.12
Linux kernel 2.6.11 .9
Linux kernel 2.6.11 .8
Linux kernel 2.6.11 .7
Linux kernel 2.6.11 .6
Linux kernel 2.6.11 .5
Linux kernel 2.6.11 .4
Linux kernel 2.6.11 .3
Linux kernel 2.6.11 .2
Linux kernel 2.6.11 .12
Linux kernel 2.6.11 .11
Linux kernel 2.6.11 .10
Linux kernel 2.6.11 .1
Linux kernel 2.6.11
Linux kernel 2.6.10
Linux kernel 2.6.1
Linux kernel 2.6
Linux kernel 4.9
Linux kernel 4.8.7
Linux kernel 4.8.6
Linux kernel 4.8.3
Linux kernel 4.8.13
Linux kernel 4.8.12
Linux kernel 4.8.1
Linux kernel 4.7.9
Linux kernel 4.6.3
Linux kernel 4.6.2
Linux kernel 4.6.1
Linux kernel 4.5.5
Linux kernel 4.4.38
Linux kernel 4.4.26
Linux kernel 4.4.14
Linux kernel 4.4.1
Linux kernel 4.3.3
Linux kernel 4.2.8
Linux kernel 4.14-rc5
Linux kernel 4.14-rc1
Linux kernel 4.14
Linux kernel 4.13.5
Linux kernel 4.13.2
Linux kernel 4.13.1
Linux kernel 4.13
Linux kernel 4.12.1
Linux kernel 4.11.8
Linux kernel 4.11.7
Linux kernel 4.10.9
Linux kernel 4.10.8
Linux kernel 4.10.7
Linux kernel 4.10.5
Linux kernel 4.10.3
Linux kernel 4.10.2
Linux kernel 4.10.11
Linux kernel 4.10.1
Linux kernel 4.1.15
Linux kernel 4.1
Linux kernel 4.0.5
Linux kernel 4.0
Linux kernel 3.9.8
Linux kernel 3.9.4
Linux kernel 3.9
Linux kernel 3.8
Linux kernel 3.7.6
Linux kernel 3.7
Linux kernel 3.6
Linux kernel 3.5
Linux kernel 3.4.93
Linux kernel 3.4.81
Linux kernel 3.4.70
Linux kernel 3.4.67
Linux kernel 3.4.29
Linux kernel 3.4
Linux kernel 3.3
Linux kernel 3.2.81
Linux kernel 3.2.78
Linux kernel 3.2.65
Linux kernel 3.2.64
Linux kernel 3.2.63
Linux kernel 3.2.60
Linux kernel 3.2.55
Linux kernel 3.2.54
Linux kernel 3.2.53
Linux kernel 3.2.52
Linux kernel 3.2.50
Linux kernel 3.2.44
Linux kernel 3.2.42
Linux kernel 3.2.38
Linux kernel 3.2.2
Linux kernel 3.2
Linux kernel 3.19
Linux kernel 3.18.9
Linux kernel 3.18
Linux kernel 3.17.6
Linux kernel 3.17
Linux kernel 3.16.6
Linux kernel 3.16.36
Linux kernel 3.16.0-28
Linux kernel 3.16
Linux kernel 3.15
Linux kernel 3.14.79
Linux kernel 3.14.73
Linux kernel 3.14.7
Linux kernel 3.14.5
Linux kernel 3.14-4
Linux kernel 3.14-1
Linux kernel 3.14
Linux kernel 3.13.7
Linux kernel 3.13.6
Linux kernel 3.13.5
Linux kernel 3.13.4
Linux kernel 3.13.0
Linux kernel 3.13
Linux kernel 3.12.22
Linux kernel 3.12.15
Linux kernel 3.12.14
Linux kernel 3.12.12
Linux kernel 3.12.1
Linux kernel 3.12
Linux kernel 3.11.9
Linux kernel 3.11.6
Linux kernel 3.11
Linux kernel 3.10.5
Linux kernel 3.10.43
Linux kernel 3.10.31
Linux kernel 3.10.20
Linux kernel 3.10.17
Linux kernel 3.10
Linux kernel 3.1
Linux kernel 3.0.66
Linux kernel 3.0.62
Linux kernel 3.0.18
Linux kernel 3.0
Linux kernel 2.6.23.14
Linux kernel 2.6.23.10
Linux kernel 2.6.23.1
Linux kernel 2.6.20.3
Linux kernel 2.6.20.2
Linux kernel 2.6.20-2
Linux kernel 2.6.18
Linux kernel 2.6.16.9
Linux kernel 2.6.16.7
Linux kernel 2.6.16.19
Linux kernel 2.6.16.13
Linux kernel 2.6.16.12
Linux kernel 2.6.16.11
Linux kernel 2.6.14.3
Linux kernel 2.6.14.2
Linux kernel 2.6.13.4
Linux kernel 2.6.13.3
Linux kernel 2.6.13.2
Linux kernel 2.6.13.1
Linux kernel 2.6.12.6
Linux kernel 2.6.12.5
Linux kernel 2.6.12.4
Linux kernel 2.6.12.3
Linux kernel 2.6.12.2
Linux kernel 2.6.12.1
Linux kernel 2.6.11.8
Linux kernel 2.6.11.7
Linux kernel 2.6.11.6
Linux kernel 2.6.11.5
Linux kernel 2.6.11.4
Linux kernel 2.6.11.12
Linux kernel 2.6.11.11
,Linux kernel 4.14.2

- 不受影响的程序版本

Linux kernel 4.14.2

- 漏洞讨论

The Linux kernel is prone to a local information-disclosure vulnerability.

Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks.

Versions prior to Linux kernel 4.14.2 are vulnerable.

- 漏洞利用

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.

- 解决方案

Updates are available. Please see the references or vendor advisory for more information.

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站