4.4 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
6.1 Medium
AI Score
Confidence
Low
4.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
0.001 Low
EPSS
Percentile
25.6%
Ralf Spenneberg discovered that the ext4 implementation in the Linux kernel
did not properly validate meta block groups. An attacker with physical
access could use this to specially craft an ext4 image that causes a denial
of service (system crash). (CVE-2016-10208)
It was discovered that the Linux kernel did not clear the setgid bit during
a setxattr call on a tmpfs filesystem. A local attacker could use this to
gain elevated group privileges. (CVE-2017-5551)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 16.04 | noarch | linux-image-4.4.0-1006-gke | < 4.4.0-1006.6 | UNKNOWN |
Ubuntu | 16.04 | noarch | linux-cloud-tools-4.4.0-1006-gke | < 4.4.0-1006.6 | UNKNOWN |
Ubuntu | 16.04 | noarch | linux-gke-cloud-tools-4.4.0-1006 | < 4.4.0-1006.6 | UNKNOWN |
Ubuntu | 16.04 | noarch | linux-gke-cloud-tools-4.4.0-1006-dbgsym | < 4.4.0-1006.6 | UNKNOWN |
Ubuntu | 16.04 | noarch | linux-gke-cloud-tools-common | < 4.4.0-1006.6 | UNKNOWN |
Ubuntu | 16.04 | noarch | linux-gke-headers-4.4.0-1006 | < 4.4.0-1006.6 | UNKNOWN |
Ubuntu | 16.04 | noarch | linux-gke-source-4.4.0 | < 4.4.0-1006.6 | UNKNOWN |
Ubuntu | 16.04 | noarch | linux-gke-tools-4.4.0-1006 | < 4.4.0-1006.6 | UNKNOWN |
Ubuntu | 16.04 | noarch | linux-gke-tools-4.4.0-1006-dbgsym | < 4.4.0-1006.6 | UNKNOWN |
Ubuntu | 16.04 | noarch | linux-gke-tools-common | < 4.4.0-1006.6 | UNKNOWN |
4.4 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
6.1 Medium
AI Score
Confidence
Low
4.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
0.001 Low
EPSS
Percentile
25.6%