PT-2017-10960 · Linux+5 · Linux Kernel+5

Publicado

2017-12-11

·

Atualizado

2019-05-28

·

CVE-2017-1000407

CVSS v3.1

7.4

Alta

VetorAV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux Kernel versions 2.6.32 and later
Description The issue allows for a denial of service by flooding the diagnostic port 0x80, which can trigger an exception leading to a kernel panic.
Recommendations For Linux Kernel versions 2.6.32 and later, consider restricting access to the diagnostic port 0x80 to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Improper Check for Exceptional Conditions

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-754

Identificadores relacionados

ALT-PU-2017-2802
ALT-PU-2017-2803
ALT-PU-2017-2808
ALT-PU-2018-1557
ALT-PU-2019-1433
CESA-2018_1062
CVE-2017-1000407
DLA-1200-1
DSA-4073-1
DSA-4082-1
MGASA-2018-0062
MGASA-2018-0063
MGASA-2018-0064
MGASA-2018-0073
MGASA-2018-0074
MGASA-2018-0075
RHSA-2018:0676
RHSA-2018:1062
RHSA-2018_0676
RHSA-2018_1062
RHSA-2019:1170
SUSE-SU-2018:3746-1
SUSE-SU-2018:3869-1
SUSE-SU-2018_3746-1
SUSE-SU-2019:1289-1
SUSE-SU-2019:13937-1
SUSE-SU-2019_13937-1
USN-3583-1
USN-3583-2
USN-3617-1
USN-3617-2
USN-3619-1
USN-3619-2
USN-3632-1

Produtos afetados

Alt Linux
Centos
Linux Kernel
Red Hat
Suse
Ubuntu