Icytxw

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 4.17.4 **Description** The issue is related to an integer overflow in the `alarm timer nsleep` function due to a large relative timeout. This overflow occurs because `ktime add safe` is not used, which can lead to a denial of service. **Recommendations** For Linux kernel versions prior to 4.17.4, update to version 4.17.4 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `alarm timer nsleep` function to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 4.17.3 **Description** The issue is related to an Integer Overflow in the POSIX timer code, specifically in kernel/time/posix-timers.c. This overflow occurs due to the way overrun accounting works, where the overrun can exceed INT MAX, but the accounting is based on integers. As a result, the accounting values visible to user space via timer getoverrun(2) and siginfo::si overrun can appear random. A local user can potentially cause a denial of service (signed integer overflow) by crafting specific system calls, including mmap, futex, timer create, and timer settime. **Recommendations** For Linux kernel versions prior to 4.17.3, update to a version 4.17.3 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 4.17.3 **Description** The issue is related to the filter parsing in the Linux kernel, which can be called with no filter. This can lead to a denial of service (slab out-of-bounds write) or possibly have other unspecified impacts via crafted `perf event open` and `mmap` system calls. **Recommendations** For Linux kernel versions prior to 4.17.3, update to version 4.17.3 or later to resolve the issue.