3 matches found
CVE-2017-1000380
CVE-2017-1000380 affects the Linux kernel ALSA sound timer driver. A race between read and ioctl on /dev/snd/timer can disclose uninitialized memory to local users. Affected: kernels prior to 4.11.5. Remediation: upgrade to Linux kernel 4.11.5 or later (upstream fix referenced by ChangeLog-4.11.5...
CVE-2017-15274
CVE-2017-15274 affects the Linux kernel K ey Management subsystem: security/keys/keyctl.c fails to handle a NULL payload with a nonzero length, allowing local users to trigger a NULL pointer dereference and OOPS via crafted add_key or KEYCTL calls, resulting in DoS. The issue is chained to the ke...
CVE-2017-9605
CVE-2017-9605 affects the Linux kernel (up to and including 4.11.4) via the vmw_gb_surface_define_ioctl path (DRM_IOCTL_VMW_GB_SURFACE_CREATE) in vmwgfx_surface.c. The defect is that backup_handle is defined but not initialized, so when creating a GB surface with a previously allocated DMA buffer...