Lucene search

K

Veracode Vulnerability DatabaseVERACODE:12995

HistoryJan 15, 2019 - 9:24 a.m.

Privilege Escalation

2019-01-1509:24:28

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

4

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

kernel is vulnerable to privilege escalation attacks. The vulnerability exists through a use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors.

CPENameOperatorVersion
kerneleq2.6.32__696.28.1.el6
kerneleq2.6.32__358.6.1.el6
kerneleq2.6.32__642.6.2.el6
kerneleq2.6.32__431.40.2.el6
kerneleq3.10.0__693.el7
kerneleq2.6.32__642.3.1.el6
kerneleq2.6.32__71.18.2.el6
kerneleq2.6.32__358.14.1.el6
kerneleq2.6.32__279.19.1.el6
kerneleq2.6.32__504.16.2.el6

Rows per page:

1-10 of 1561

References

lists.alioth.debian.org/pipermail/secure-testing-commits/2017-December/059967.html

www.securityfocus.com/bid/102329

access.redhat.com/errata/RHSA-2018:2390

access.redhat.com/errata/RHSA-2018:3083

access.redhat.com/errata/RHSA-2018:3096

access.redhat.com/errata/RHSA-2020:0036

access.redhat.com/security/updates/classification/#important

access.redhat.com/security/vulnerabilities/L1TF

git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=362bca57f5d78220f8b5907b875961af9436e229

help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0

lists.debian.org/debian-lts-announce/2018/05/msg00000.html

security-tracker.debian.org/tracker/CVE-2017-0861

source.android.com/security/bulletin/pixel/2017-11-01

usn.ubuntu.com/3583-1/

usn.ubuntu.com/3583-2/

usn.ubuntu.com/3617-1/

usn.ubuntu.com/3617-2/

usn.ubuntu.com/3617-3/

usn.ubuntu.com/3619-1/

usn.ubuntu.com/3619-2/

usn.ubuntu.com/3632-1/

www.debian.org/security/2018/dsa-4187

www.oracle.com/security-alerts/cpujul2020.html

www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

Related for VERACODE:12995

prion1 cve1 f51 redhatcve1 ubuntucve1 debiancve1 nessus65 suse47 openvas53 altlinux1 redhat3 oraclelinux6 virtuozzo2 centos2 ibm2 amazon1 ubuntu6 mageia3 osv1 debian1