5.5
CVE-2017-15127
- EPSS 0.38%
- Veröffentlicht 14.01.2018 06:29:00
- Zuletzt bearbeitet 21.11.2024 03:14:07
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13. A superfluous implicit page unlock for VM_SHARED hugetlbfs mapping could trigger a local denial of service (BUG).
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 4.13
Redhat ≫ Enterprise Linux Version7.0
Redhat ≫ Enterprise Mrg Version2.0
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.38% | 0.297 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 4.9 | 3.9 | 6.9 |
AV:L/AC:L/Au:N/C:N/I:N/A:C
|
CWE-460 Improper Cleanup on Thrown Exception
The product does not clean up its state or incorrectly cleans up its state when an exception is thrown, leading to unexpected state or control flow.
https://access.redhat.com/errata/RHSA-2018:0676
https://access.redhat.com/errata/RHSA-2018:1062
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5af10dfd0afc559bb4b0f7e3e8227a1578333995
http://www.securityfocus.com/bid/102517
https://access.redhat.com/security/cve/CVE-2017-15127
https://bugzilla.redhat.com/show_bug.cgi?id=1525218
https://github.com/torvalds/linux/commit/5af10dfd0afc559bb4b0f7e3e8227a1578333995