Lucene search
F5F5:K33567812HistoryNov 07, 2017 - 12:00 a.m.
K33567812 : Kernel vulnerabilities CVE-2017-12192 and CVE-2017-15274
2017-11-0700:00:00
my.f5.com
30
Security Advisory Description
The keyctl_read_key function in security/keys/keyctl.c in the Key Management subcomponent in the Linux kernel before 4.13.5 does not properly consider that a key may be possessed but negatively instantiated, which allows local users to cause a denial of service (OOPS and system crash) via a crafted KEYCTL_READ operation.
security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length value, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192.
Impact
This vulnerability allows a local user to cause a disruption of service.
Related
debiancve
debiancve
CVE-2017-15274
2017-10-12 00:29:00
CVE-2017-12192
2017-10-12 00:29:00
cve
cve
CVE-2017-15274
2017-10-12 00:29:00
CVE-2017-12192
2017-10-12 00:29:00
prion
prion
Null pointer dereference
2017-10-12 00:29:00
Code injection
2017-10-12 00:29:00
ubuntucve
ubuntucve
CVE-2017-15274
2017-10-11 00:00:00
CVE-2017-12192
2017-10-11 00:00:00
nvd
nvd
CVE-2017-15274
2017-10-12 00:29:00
CVE-2017-12192
2017-10-12 00:29:00
cvelist
cvelist
CVE-2017-15274
2017-10-12 00:00:00
CVE-2017-12192
2017-10-12 00:00:00
nessus
nessus
Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20200610)
2020-06-11 00:00:00
Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2017-096)
2017-10-25 00:00:00
Virtuozzo 7 : readykernel-patch (VZA-2017-094)
2017-10-18 00:00:00
redhatcve
redhatcve
CVE-2017-12192
2020-04-14 19:02:39
CVE-2017-15274
2017-10-12 10:19:26
veracode
veracode
Denial Of Service (DoS)
2019-05-16 02:13:53
Denial Of Service (DoS)
2019-05-16 02:50:31
virtuozzo
virtuozzo
amazon
amazon
Important: kernel
2017-10-26 16:43:00
suse
suse
Security update for the Linux Kernel (important)
2017-11-30 21:08:12
Security update for Linux Kernel Live Patch 26 for SLE 12 (important)
2017-10-19 12:12:23
Security update for Linux Kernel Live Patch 22 for SLE 12 (important)
2017-10-19 12:11:45
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2017:2769-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:2785-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:2784-1)
2021-04-19 00:00:00
centos
centos
kernel, perf, python security update
2020-06-10 17:19:46
kernel, perf, python security update
2018-01-26 01:28:35
kernel security update
2018-04-27 05:53:39
redhat
redhat
(RHSA-2020:2430) Moderate: kernel security and bug fix update
2020-06-09 18:50:15
(RHSA-2018:0181) Important: kernel-rt security and bug fix update
2018-01-25 11:09:51
(RHSA-2018:0152) Important: kernel-rt security and bug fix update
2018-01-25 09:24:01
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2017-11-13 00:00:00
kernel security and bug fix update
2020-06-10 00:00:00
Unbreakable Enterprise kernel security update
2017-12-07 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2017-0052
2017-06-30 00:00:00
Critical Photon OS Security Update - PHSA-2017-0078
2017-10-19 00:00:00
ubuntu
ubuntu
Linux kernel (Trusty HWE) vulnerabilities
2018-02-23 00:00:00
Linux kernel vulnerabilities
2018-02-23 00:00:00
Linux kernel (Xenial HWE) vulnerabilities
2017-10-31 00:00:00
cloudfoundry
cloudfoundry
USN-3469-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry
2017-11-27 00:00:00
cloudlinux
cloudlinux
Fix of 13 CVEs
2022-04-21 21:21:15
ibm
ibm