5.5

CVE-2017-15121

A non-privileged user is able to mount a fuse filesystem on RHEL 6 or 7 and crash a system if an application punches a hole in a file that does not end aligned to a page boundary.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.4% 0.314
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 4.9 3.9 6.9
AV:L/AC:L/Au:N/C:N/I:N/A:C
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://access.redhat.com/errata/RHSA-2018:0676
Vendor Advisory
https://access.redhat.com/errata/RHSA-2018:1062
Vendor Advisory
https://access.redhat.com/errata/RHSA-2018:1854
Vendor Advisory
http://www.securityfocus.com/bid/102128
Third Party Advisory
VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=1520893
Vendor Advisory
Issue Tracking
https://support.f5.com/csp/article/K42142782?utm_source=f5support&amp%3Butm_medium=RSS