7.8

CVE-2017-9076

The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 3.2.89
LinuxLinux Kernel Version >= 3.3 < 3.16.44
LinuxLinux Kernel Version >= 3.17 < 3.18.84
LinuxLinux Kernel Version >= 3.19 < 4.4.71
LinuxLinux Kernel Version >= 4.5 < 4.9.31
LinuxLinux Kernel Version >= 4.10 < 4.11.4
DebianDebian Linux Version8.0
DebianDebian Linux Version9.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.37% 0.282
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://access.redhat.com/errata/RHSA-2017:1842
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2077
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:1854
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2669
Third Party Advisory
https://source.android.com/security/bulletin/2017-09-01
Third Party Advisory
http://www.debian.org/security/2017/dsa-3886
Third Party Advisory
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=83eaddab4378db256d00d295bda6ca997cd13a52
Patch
Vendor Advisory
http://www.securityfocus.com/bid/98586
Third Party Advisory
VDB Entry
https://github.com/torvalds/linux/commit/83eaddab4378db256d00d295bda6ca997cd13a52
Patch
Vendor Advisory
https://patchwork.ozlabs.org/patch/760370/
Patch
Third Party Advisory