7.8

CVE-2017-11473

Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel through 3.2 allows local users to gain privileges via a crafted ACPI table.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 3.2.95
LinuxLinux Kernel Version >= 3.3 < 3.16.50
LinuxLinux Kernel Version >= 3.17 < 3.18.63
LinuxLinux Kernel Version >= 3.19 < 4.1.44
LinuxLinux Kernel Version >= 4.2 < 4.4.79
LinuxLinux Kernel Version >= 4.5 < 4.9.40
LinuxLinux Kernel Version >= 4.10 < 4.12.4
CanonicalUbuntu Linux Version14.04 SwEditionesm
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.41% 0.327
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.

https://usn.ubuntu.com/3754-1/
Third Party Advisory
http://www.securityfocus.com/bid/100010
Third Party Advisory
VDB Entry
https://access.redhat.com/errata/RHSA-2018:0654
Third Party Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=70ac67826602edf8c0ccb413e5ba7eacf597a60c
Patch
Vendor Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=96301209473afd3f2f274b91cb7082d161b9be65
Vendor Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=dad5ab0db8deac535d03e3fe3d8f2892173fa6a4
Patch
Vendor Advisory
https://source.android.com/security/bulletin/pixel/2018-01-01
Third Party Advisory