Vulnerability Name: | CVE-2017-5550 (CCN-121666) | ||||||||||||||||||||||||||||||||||||||||
Assigned: | 2017-02-06 | ||||||||||||||||||||||||||||||||||||||||
Published: | 2017-02-06 | ||||||||||||||||||||||||||||||||||||||||
Updated: | 2017-02-09 | ||||||||||||||||||||||||||||||||||||||||
Summary: | Off-by-one error in the pipe_advance function in lib/iov_iter.c in the Linux kernel before 4.9.5 allows local users to obtain sensitive information from uninitialized heap-memory locations in opportunistic circumstances by reading from a pipe after an incorrect buffer-release decision. | ||||||||||||||||||||||||||||||||||||||||
CVSS v3 Severity: | 5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) 4.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
5.4 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
| ||||||||||||||||||||||||||||||||||||||||
CVSS v2 Severity: | 2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N)
| ||||||||||||||||||||||||||||||||||||||||
Vulnerability Type: | CWE-200 | ||||||||||||||||||||||||||||||||||||||||
Vulnerability Consequences: | Obtain Information | ||||||||||||||||||||||||||||||||||||||||
References: | Source: MITRE Type: CNA CVE-2017-5550 Source: CCN Type: Linux Kernel GIT Repository fix a fencepost error in pipe_advance() Source: CONFIRM Type: Issue Tracking, Patch, Third Party Advisory http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b9dc6f65bc5e232d1c05fe34b5daadc7e8bbf1fb Source: CONFIRM Type: Release Notes, Vendor Advisory http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.5 Source: CCN Type: oss-sec Mailing List, Fri, 20 Jan 2017 22:24:00 -0500 Re: CVE REQUEST: linux kernel: process with pgid zero able to crash kernel Source: MLIST Type: Mailing List, Patch, Third Party Advisory [oss-security] 20170120 Re: CVE REQUEST: linux kernel: process with pgid zero able to crash kernel Source: BID Type: Third Party Advisory, VDB Entry 95716 Source: CCN Type: BID-95716 Linux Kernel CVE-2017-5550 Local Information Disclosure Vulnerability Source: CONFIRM Type: Issue Tracking, Patch https://bugzilla.redhat.com/show_bug.cgi?id=1416116 Source: XF Type: UNKNOWN linux-kernel-cve20175550-info-disc(121666) Source: CONFIRM Type: Issue Tracking, Patch, Third Party Advisory https://github.com/torvalds/linux/commit/b9dc6f65bc5e232d1c05fe34b5daadc7e8bbf1fb | ||||||||||||||||||||||||||||||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: ![]() | ||||||||||||||||||||||||||||||||||||||||
Oval Definitions | |||||||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||||||
BACK |