Lucene search

K
cveMitreCVE-2017-11473
HistoryJul 20, 2017 - 4:29 a.m.

CVE-2017-11473

2017-07-2004:29:00
CWE-120
mitre
web.nvd.nist.gov
111
cve-2017-11473
buffer overflow
linux kernel
local privilege escalation
acpi table
security vulnerability

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.2

Confidence

High

EPSS

0

Percentile

5.1%

Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel through 3.2 allows local users to gain privileges via a crafted ACPI table.

Affected configurations

Nvd
Node
linuxlinux_kernelRange<3.2.95
OR
linuxlinux_kernelRange3.3–3.16.50
OR
linuxlinux_kernelRange3.17–3.18.63
OR
linuxlinux_kernelRange3.19–4.1.44
OR
linuxlinux_kernelRange4.2–4.4.79
OR
linuxlinux_kernelRange4.5–4.9.40
OR
linuxlinux_kernelRange4.10–4.12.4
Node
canonicalubuntu_linuxMatch14.04esm
VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
canonicalubuntu_linux14.04cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.2

Confidence

High

EPSS

0

Percentile

5.1%