Revision Date: | 2017-12-27 | Version: | 1 | Title: | CVE-2017-17853 on Ubuntu 16.04 LTS (xenial) - medium. | Description: | kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect BPF_RSH signed bounds calculations.
| Family: | unix | Class: | vulnerability | Status: | | Reference(s): | CVE-2017-17853
| Platform(s): | Ubuntu 16.04 LTS
| Product(s): | | Definition Synopsis | Ubuntu 16.04 LTS (xenial) is installed. AND Package Information
NOT While related to the CVE in some way, the 'linux' package in xenial is not affected.
OR NOT While related to the CVE in some way, the 'linux-aws' package in xenial is not affected.
OR NOT While related to the CVE in some way, the 'linux-azure' package in xenial is not affected (note: '4.15.0-1013.13~16.04.2').
OR While related to the CVE in some way, a decision has been made to ignore it (note: 'was needed ESM criteria').
OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned').
OR NOT While related to the CVE in some way, the 'linux-gcp' package in xenial is not affected (note: '4.15.0-1014.14~16.04.1').
OR NOT While related to the CVE in some way, the 'linux-gke' package in xenial is not affected.
OR NOT While related to the CVE in some way, the 'linux-goldfish' package in xenial is not affected.
OR NOT While related to the CVE in some way, the 'linux-hwe' package in xenial is not affected (note: '4.15.0-24.26~16.04.1').
OR NOT While related to the CVE in some way, the 'linux-hwe-edge' package in xenial is not affected (note: '4.15.0-24.26~16.04.1').
OR NOT While related to the CVE in some way, the 'linux-kvm' package in xenial is not affected.
OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned').
OR NOT While related to the CVE in some way, the 'linux-oem' package in xenial is not affected.
OR NOT While related to the CVE in some way, the 'linux-raspi2' package in xenial is not affected.
OR NOT While related to the CVE in some way, the 'linux-snapdragon' package in xenial is not affected.
|
|