6 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-17052
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The mminit function in kernel/fork.c in the Linux kernel before 4.12.10 does not clear the -exefile member of a new process's mmstruct, allowing a local attacke...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1484)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Vulnerabilities in Linux Kernel affect Intel® Manycore Platform Software Stack (Intel® MPSS) for Linux and Windows
Summary IntelR Manycore Platform Software Stack IntelR MPSS for Linux and Windows have addressed the following vulnerabilities in Linux Kernel. Vulnerability Details Summary Intel® Manycore Platform Software Stack Intel® MPSS for Linux and Windows have addressed the following vulnerabilities in...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4062)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-4062 advisory. - fork: fix incorrect fput of -exefile causing use-after-free Eric Biggers Orabug: 27290198 CVE-2017-17052 - KVM: x86: fix singlestepping over...
Unbreakable Enterprise kernel security update
4.1.12-112.16.7 - mlx4: change the ICM table allocations to lowest needed size Daniel Jurgens Orabug: 27718305 - autofs: use dentry flags to block walks during expire Ian Kent Orabug: 26032471 Orabug: 27766149 - autofs races Al Viro Orabug: 27766149 Orabug: 27766149 - crypto: FIPS - allow tests t...
CVE-2017-17052
The CVE-2017-17052 entry affects the Linux kernel: the mm_init function in kernel/fork.c fails to clear the ->exe_file field of a new process’s mm_struct. This can enable a local attacker to trigger a use-after-free (and potential additional impact) by running a crafted program. Affected path ...