PT-2018-6363 · Linux+3 · Linux Kernel+3

Jakub Jirasek

Published

2016-03-17

Updated

2018-08-24

CVE-2017-16911

CVSS v3.1

4.7

Medium

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to 4.14.8 Linux Kernel versions prior to 4.4.114

Description: The issue allows local attackers to disclose kernel memory addresses. Successful exploitation requires that a USB device is attached over IP.

Recommendations: For versions prior to 4.14.8, update to version 4.14.8 or later. For versions prior to 4.4.114, update to version 4.4.114 or later.

Exploit

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

ALT-PU-2016-1262

ALT-PU-2017-1299

ALT-PU-2017-2819

ALT-PU-2018-1112

CVE-2017-16911

DLA-1369-1

DSA-4187-1

MGASA-2018-0107

SUSE-SU-2018:0834-1

SUSE-SU-2018:0848-1

SUSE-SU-2018:1080-1

SUSE-SU-2018:1172-1

SUSE-SU-2018:1309-1

USN-3619-1

USN-3619-2

USN-3754-1

Affected Products

Alt Linux

Linux Kernel

Suse

Ubuntu

PT-2018-6363 · Linux+3 · Linux Kernel+3

CVE-2017-16911

Weakness Enumeration

Related Identifiers

Affected Products

References · 235