Linux Enterprise Server Security Vulnerabilities and Issues — Linux Enterprise Server CVE List

Lucene search

SuseLinux Enterprise Server

3 matches found

CVE•added 2017/12/20 11:29 p.m.•271 views

CVE-2017-17805

The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and kernel crash) or h...

7.8CVSS7.5AI score0.00109EPSS

CVE•added 2017/12/20 11:29 p.m.•187 views

CVE-2017-17806

The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SH...

7.8CVSS7.4AI score0.00042EPSS

CVE•added 2017/12/12 3:29 p.m.•181 views

CVE-2017-17558

The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel through 4.14.5 does not consider the maximum number of configurations and interfaces before attempting to release resources, which allows local users to cause a denial of service (out-o...

7.2CVSS7AI score0.00081EPSS