5.5

CVE-2017-15127

A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13. A superfluous implicit page unlock for VM_SHARED hugetlbfs mapping could trigger a local denial of service (BUG).
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 4.13
RedhatEnterprise Linux Version7.0
RedhatEnterprise Mrg Version2.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.38% 0.297
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 4.9 3.9 6.9
AV:L/AC:L/Au:N/C:N/I:N/A:C
CWE-460 Improper Cleanup on Thrown Exception

The product does not clean up its state or incorrectly cleans up its state when an exception is thrown, leading to unexpected state or control flow.

https://access.redhat.com/errata/RHSA-2018:0676
https://access.redhat.com/errata/RHSA-2018:1062
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5af10dfd0afc559bb4b0f7e3e8227a1578333995
Patch
Vendor Advisory
http://www.securityfocus.com/bid/102517
https://access.redhat.com/security/cve/CVE-2017-15127
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1525218
Third Party Advisory
Issue Tracking
https://github.com/torvalds/linux/commit/5af10dfd0afc559bb4b0f7e3e8227a1578333995
Patch
Third Party Advisory