CVE-2017-5970: The ipv4_pktinfo_prepare function in
net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a
denial of service (system crash) via (1) an application that made
crafted system calls or possibly (2) IPv4 traffic with invalid IP
options (bsc#1025013).
CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in
the Linux kernel did not properly validate certain block-size data,
which allowed local users to cause a denial of service (overflow) or
possibly have unspecified other impact via crafted system calls
(bsc#1030575, bsc#1031660).

OSVersionArchitecturePackageVersionFilename
SUSE Linux Enterprise Server for SAP12x86_64kgraft-patch-3_12_61-52_69-default-2< 4.1kgraft-patch-3_12_61-52_69-default-2-4.1.x86_64.rpm
SUSE Linux Enterprise Server LTSS12x86_64kgraft-patch-3_12_61-52_69-xen-2< 4.1kgraft-patch-3_12_61-52_69-xen-2-4.1.x86_64.rpm
SUSE Linux Enterprise Server for SAP12x86_64kgraft-patch-3_12_61-52_69-xen-2< 4.1kgraft-patch-3_12_61-52_69-xen-2-4.1.x86_64.rpm
SUSE Linux Enterprise Server LTSS12x86_64kgraft-patch-3_12_61-52_69-default-2< 4.1kgraft-patch-3_12_61-52_69-default-2-4.1.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
SUSE Linux Enterprise Server for SAP	12	x86_64	kgraft-patch-3_12_61-52_69-default-2	< 4.1	kgraft-patch-3_12_61-52_69-default-2-4.1.x86_64.rpm
SUSE Linux Enterprise Server LTSS	12	x86_64	kgraft-patch-3_12_61-52_69-xen-2	< 4.1	kgraft-patch-3_12_61-52_69-xen-2-4.1.x86_64.rpm
SUSE Linux Enterprise Server for SAP	12	x86_64	kgraft-patch-3_12_61-52_69-xen-2	< 4.1	kgraft-patch-3_12_61-52_69-xen-2-4.1.x86_64.rpm
SUSE Linux Enterprise Server LTSS	12	x86_64	kgraft-patch-3_12_61-52_69-default-2	< 4.1	kgraft-patch-3_12_61-52_69-default-2-4.1.x86_64.rpm

References

bugzilla.suse.com/1025013

bugzilla.suse.com/1030575

bugzilla.suse.com/1031660

openvas 36

nessus 53

suse 50

virtuozzo 2

f5 2

ibm 1

veracode 2

oraclelinux 7

hackerone 1

redhatcve 3

metasploit 1

exploitpack 2

prion 2

cve 2

debiancve 2

ubuntucve 2

zdt 3

cloudfoundry 2

ubuntu 4

seebug 1

packetstorm 1

exploitdb 3

fedora 4

threatpost 1

photon 2

googleprojectzero 1

redhat 3

centos 1

osv 1

amazon 2

debian 1

symantec 1

openvas

SUSE: Security Advisory (SUSE-SU-2017:1281-1)

2021-04-19 00:00:00

SUSE: Security Advisory (SUSE-SU-2017:0780-1)

2021-04-19 00:00:00

SUSE: Security Advisory (SUSE-SU-2017:0770-1)

2021-04-19 00:00:00

nessus

SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1281-1)

2017-05-16 00:00:00

SUSE SLES12 Security Update : kernel (SUSE-SU-2017:0769-1)

2017-03-21 00:00:00

F5 Networks BIG-IP : Linux kernel vulnerability (K60104355)

2017-04-19 00:00:00

suse

Security update for Linux Kernel Live Patch 14 for SLE 12 (important)

2017-03-21 00:11:04

Security update for Linux Kernel Live Patch 1 for SLE 12 SP2 (important)

2017-03-21 03:08:16

Security update for Linux Kernel Live Patch 3 for SLE 12 SP2 (important)

2017-03-21 03:10:17

virtuozzo

Kernel security update: CVE-2017-5970 and other; Virtuozzo ReadyKernel patch 20.0 for Virtuozzo 7.0.x

2017-04-28 00:00:00

Kernel security update: Virtuozzo ReadyKernel patch 17.0 for kernels 3.10.0-327.18.2.vz7.15.2 (Virtuozzo 7.0.0), 3.10.0-327.36.1.vz7.18.7 (Virtuozzo 7.0.1), and 3.10.0-327.36.1.vz7.20.18 (Virtuozzo 7.0.3)

2017-04-04 00:00:00

K60104355 : Linux kernel vulnerability CVE-2017-5970

2017-04-18 00:00:00

K82224417 : Linux kernel vulnerability CVE-2017-7308

2017-05-05 00:00:00

ibm

Security Bulletin: IBM Security Access Manager Appliance is affected by a kernel vulnerability (CVE-2017-5970)

2018-06-22 02:26:47

veracode

Denial Of Service (DOS)

2019-05-02 06:36:13

Out-Of-Bounds Write

2019-05-02 06:11:33

oraclelinux

Unbreakable Enterprise kernel security update

2017-06-01 00:00:00

Unbreakable Enterprise kernel security update

2017-06-01 00:00:00

kernel security, bug fix, and enhancement update

2017-05-26 00:00:00

hackerone

Internet Bug Bounty: Linux kernel: CVE-2017-7308: a signedness issue in AF_PACKET sockets

2019-08-29 13:48:44

redhatcve

CVE-2017-7308

2019-10-25 00:24:39

CVE-2017-5970

2017-02-13 11:12:18

CVE-2021-22600

2022-01-28 20:58:25

metasploit

AF_PACKET packet_set_ring Privilege Escalation

2018-04-28 01:40:17

exploitpack

Linux Kernel 4.8.0-34 4.8.0-45 (Ubuntu Linux Mint) - Packet Socket Local Privilege Escalation

2018-12-29 00:00:00

Linux Kernel 4.8.0-41-generic (Ubuntu) - Packet Socket Local Privilege Escalation

2017-05-11 00:00:00

prion

Code injection

2017-02-14 06:59:00

Integer overflow

2017-03-29 20:59:00

cve

CVE-2017-5970

2017-02-14 06:59:00

CVE-2017-7308

2017-03-29 20:59:00

debiancve

CVE-2017-5970

2017-02-14 06:59:00

CVE-2017-7308

2017-03-29 20:59:00

ubuntucve

CVE-2017-5970

2017-02-14 00:00:00

CVE-2017-7308

2017-03-29 00:00:00

zdt

Linux Kernel 4.8.0 - Packet Socket Local root Privilege Escalation Exploit

2017-05-12 00:00:00

Linux Kernel 4.8.0-34 < 4.8.0-45 (Ubuntu / Linux Mint) - Packet Socket Local Privilege Escalation

2019-07-26 00:00:00

Linux 4.8.0 < 4.8.0-46 - AF_PACKET packet_set_ring Privilege Escalation Exploit

2018-05-18 00:00:00

cloudfoundry

USN-3256-2: Linux kernel (HWE) vulnerability | Cloud Foundry

2017-04-12 00:00:00

USN-3265-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry

2017-05-01 00:00:00

ubuntu

Linux kernel (HWE) vulnerability

2017-04-05 00:00:00

Linux kernel vulnerability

2017-04-05 00:00:00

Linux kernel (Xenial HWE) vulnerabilities

2017-04-25 00:00:00

seebug

Linux kernel Local Denial of Service Vulnerability (CVE-2017-7308 )

2017-05-11 00:00:00

packetstorm

AF_PACKET packet_set_ring Privilege Escalation

2018-05-17 00:00:00

exploitdb

Linux 4.8.0 < 4.8.0-46 - AF_PACKET packet_set_ring Privilege Escalation (Metasploit)

2018-05-18 00:00:00

Linux Kernel 4.8.0-34 < 4.8.0-45 (Ubuntu / Linux Mint) - Packet Socket Local Privilege Escalation

2018-12-29 00:00:00

Linux Kernel 4.8.0-41-generic (Ubuntu) - Packet Socket Local Privilege Escalation

2017-05-11 00:00:00

fedora

[SECURITY] Fedora 25 Update: kernel-4.9.10-200.fc25

2017-02-20 18:55:36

[SECURITY] Fedora 24 Update: kernel-4.9.10-100.fc24

2017-02-20 19:20:59

[SECURITY] Fedora 25 Update: kernel-4.10.10-200.fc25

2017-04-17 20:54:22

threatpost

RSAC 2019: Container Escape Hack Targets Vulnerable Linux Kernel

2019-03-04 13:30:17

photon

Important Photon OS Security Update - PHSA-2017-0041

2017-05-11 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2017-0011

2017-04-14 00:00:00

googleprojectzero

Exploiting the Linux kernel via packet sockets

2017-05-10 00:00:00

redhat

(RHSA-2017:1297) Important: kernel-rt security and bug fix update

2017-05-25 13:15:44

(RHSA-2017:1298) Important: kernel-rt security and bug fix update

2017-05-25 13:21:34

(RHSA-2017:1308) Important: kernel security, bug fix, and enhancement update

2017-05-25 13:27:24

centos

kernel, perf, python security update

2017-05-26 02:33:51

osv

linux - security update

2017-04-28 00:00:00

amazon

Important: kernel

2017-05-10 17:06:00

Important: kernel

2017-03-06 14:00:00

debian

[SECURITY] [DLA 922-1] linux security update

2017-04-28 12:39:18

symantec

SA148: Linux Kernel Vulnerabilities Feb-Apr 2017

2017-05-09 08:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

0.007 Low

EPSS

Percentile

77.3%

JSON

Related for SUSE-SU-2017:1281-1