Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-3420-2
HistorySep 18, 2017 - 12:00 a.m.

Linux kernel (Xenial HWE) vulnerabilities

2017-09-1800:00:00
ubuntu.com
53

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.009 Low

EPSS

Percentile

82.9%

JSON

Releases

  • Ubuntu 14.04 ESM

Packages

  • linux-lts-xenial - Linux hardware enablement kernel from Xenial for Trusty

Details

USN-3420-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu
14.04 LTS.

It was discovered that a buffer overflow existed in the Bluetooth stack of
the Linux kernel when handling L2CAP configuration responses. A physically
proximate attacker could use this to cause a denial of service (system
crash). (CVE-2017-1000251)

It was discovered that the Flash-Friendly File System (f2fs) implementation
in the Linux kernel did not properly validate superblock metadata. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2017-10663)

It was discovered that a buffer overflow existed in the ioctl handling code
in the ISDN subsystem of the Linux kernel. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2017-12762)

Pengfei Wang discovered that a race condition existed in the NXP SAA7164 TV
Decoder driver for the Linux kernel. A local attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2017-8831)

OSVersionArchitecturePackageVersionFilename
Ubuntu14.04noarchlinux-image-4.4.0-96-generic< 4.4.0-96.119~14.04.1UNKNOWN
Ubuntu14.04noarchblock-modules-4.4.0-96-generic-di< 4.4.0-96.119~14.04.1UNKNOWN
Ubuntu14.04noarchcrypto-modules-4.4.0-96-generic-di< 4.4.0-96.119~14.04.1UNKNOWN
Ubuntu14.04noarchfat-modules-4.4.0-96-generic-di< 4.4.0-96.119~14.04.1UNKNOWN
Ubuntu14.04noarchfb-modules-4.4.0-96-generic-di< 4.4.0-96.119~14.04.1UNKNOWN
Ubuntu14.04noarchfirewire-core-modules-4.4.0-96-generic-di< 4.4.0-96.119~14.04.1UNKNOWN
Ubuntu14.04noarchfloppy-modules-4.4.0-96-generic-di< 4.4.0-96.119~14.04.1UNKNOWN
Ubuntu14.04noarchfs-core-modules-4.4.0-96-generic-di< 4.4.0-96.119~14.04.1UNKNOWN
Ubuntu14.04noarchfs-secondary-modules-4.4.0-96-generic-di< 4.4.0-96.119~14.04.1UNKNOWN
Ubuntu14.04noarchinput-modules-4.4.0-96-generic-di< 4.4.0-96.119~14.04.1UNKNOWN
Rows per page:
1-10 of 561

Related

ubuntu 3
openvas 38
cloudfoundry 1
nessus 51
suse 43
f5 3
prion 5
debiancve 4
redhatcve 4
cve 6
ubuntucve 5
oraclelinux 4
veracode 2
osv 2
redhat 11
archlinux 4
exploitpack 1
centos 2
slackware 1
mageia 6
exploitdb 1
virtuozzo 2
ubuntu
ubuntu
Linux kernel vulnerabilities
2017-09-18 00:00:00
Linux kernel vulnerability
2017-09-18 00:00:00
Linux kernel vulnerabilities
2017-09-18 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3420-1)
2017-09-19 00:00:00
Ubuntu: Security Advisory (USN-3420-2)
2017-09-19 00:00:00
RedHat Update for kernel RHSA-2017:2679-01
2017-09-13 00:00:00
cloudfoundry
cloudfoundry
USN-3420-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry
2017-09-21 00:00:00
nessus
nessus
Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3420-1)
2017-09-19 00:00:00
Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) vulnerabilities (USN-3420-2)
2017-09-19 00:00:00
RHEL 7 : kernel (RHSA-2017:2680) (BlueBorne)
2017-09-13 00:00:00
suse
suse
Security update for Linux Kernel Live Patch 1 for SLE 12 SP2 (important)
2017-10-20 18:12:15
Security update for Linux Kernel Live Patch 5 for SLE 12 SP2 (important)
2017-10-20 18:09:18
Security update for Linux Kernel Live Patch 8 for SLE 12 SP2 (important)
2017-10-20 18:09:57
f5
f5
K82300604 : Linux Kernel vulnerability CVE-2017-8831
2017-12-13 00:00:00
K63131370 : Linux kernel vulnerability CVE-2017-1000251
2017-10-27 00:00:00
K58928452 : Kernel vulnerability CVE-2017-1000410
2020-12-17 00:00:00
prion
prion
Design/Logic Flaw
2017-05-08 06:29:00
Design/Logic Flaw
2017-08-19 18:29:00
Buffer overflow
2017-08-09 21:29:00
debiancve
debiancve
CVE-2017-8831
2017-05-08 06:29:00
CVE-2017-10663
2017-08-19 18:29:00
CVE-2017-12762
2017-08-09 21:29:00
redhatcve
redhatcve
CVE-2017-8831
2017-05-11 09:50:43
CVE-2017-10663
2017-08-14 08:48:33
CVE-2017-12762
2017-08-14 10:18:37
cve
cve
CVE-2017-8831
2017-05-08 06:29:00
CVE-2017-10663
2017-08-19 18:29:00
CVE-2017-12762
2017-08-09 21:29:00
ubuntucve
ubuntucve
CVE-2017-8831
2017-05-08 00:00:00
CVE-2017-10663
2017-08-19 00:00:00
CVE-2017-1000251
2017-09-12 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2017-09-13 00:00:00
kernel security update
2017-09-12 00:00:00
kernel security update
2017-09-13 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2019-01-15 09:19:10
Remote Code Execution (RCE)
2019-01-15 09:21:39
osv
osv
CVE-2017-1000251
2017-09-12 17:29:00
CVE-2017-1000410
2017-12-07 19:29:00
redhat
redhat
(RHSA-2017:2707) Important: kernel security and bug fix update
2017-09-13 13:15:37
(RHSA-2017:2705) Important: kernel-rt security update
2017-09-13 13:15:19
(RHSA-2017:2681) Important: kernel security update
2017-09-12 13:03:08
archlinux
archlinux
[ASA-201709-9] linux: arbitrary code execution
2017-09-15 00:00:00
[ASA-201709-4] linux-hardened: arbitrary code execution
2017-09-13 00:00:00
[ASA-201709-12] linux-zen: arbitrary code execution
2017-09-18 00:00:00
exploitpack
exploitpack
Linux Kernel 4.13.1 - BlueTooth Buffer Overflow (PoC)
2017-09-21 00:00:00
centos
centos
kernel, perf, python security update
2017-09-12 23:15:02
kernel, perf, python security update
2017-09-13 21:20:33
slackware
slackware
[slackware-security] kernel
2017-09-15 20:17:20
mageia
mageia
Updated kernel-linus packages fixes security and other bugs
2017-08-20 11:48:42
Updated kernel packages fixes security and other bugs
2017-08-18 20:06:49
Updated kernel-tmb packages fixes security and other bugs
2017-08-20 11:48:42
exploitdb
exploitdb
Linux Kernel &lt; 4.13.1 - BlueTooth Buffer Overflow (PoC)
2017-09-21 00:00:00
virtuozzo
virtuozzo
Important kernel security update: CVE-2017-1000251 and other; new kernel 2.6.32-042stab125.1, Virtuozzo 6.0 Update 12 Hotfix 15 (6.0.12-3684)
2017-09-26 00:00:00
Important kernel security update: CVE-2017-1000251 and other; new kernel 2.6.32-042stab125.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0
2017-09-26 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.009 Low

EPSS

Percentile

82.9%

JSON
Related for USN-3420-2
ubuntu3openvas38cloudfoundry1nessus51suse43f53prion5debiancve4redhatcve4cve6ubuntucve5oraclelinux4veracode2osv2redhat11archlinux4exploitpack1centos2slackware1mageia6exploitdb1virtuozzo2