Lucene search

K
alpinelinuxAlpine Linux Development TeamALPINE:CVE-2017-5715
HistoryJan 04, 2018 - 1:29 p.m.

CVE-2017-5715

2018-01-0413:29:00
Alpine Linux Development Team
security.alpinelinux.org
21

CVSS2

1.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

CVSS3

5.6

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

AI Score

6.7

Confidence

High

EPSS

0.975

Percentile

100.0%

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

OSVersionArchitecturePackageVersionFilename
Alpine3.5-mainnoarchxen< 4.7.3-r4UNKNOWN
Alpine3.6-mainnoarchxen< 4.8.2-r4UNKNOWN

CVSS2

1.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

CVSS3

5.6

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

AI Score

6.7

Confidence

High

EPSS

0.975

Percentile

100.0%