update cve/linux-kernel/2017/yaml/CVE-2017-16995.yaml.
Signed-off-by: Tianxu Han <hantianxu@buaa.edu.cn>
This commit is contained in:
Tianxu Han
Re3et
parent
aa3bc02a6c
commit
c36a4939e6
|
|
@ -4,17 +4,17 @@ info:
|
||||||
name: Linux内核是Linux基金会的开源操作系统Linux所使用的内核。
|
name: Linux内核是Linux基金会的开源操作系统Linux所使用的内核。
|
||||||
severity: high
|
severity: high
|
||||||
description: |
|
description: |
|
||||||
由于UFO到非UFO的路径切换,导致可被利用的内存损坏。
|
Linux内核中kernel/bpf/verifier.c的check_alu_op函数在4.4之前允许本地用户通过利用不正确的符号扩展导致拒绝服务(内存损坏)或可能产生不明的其他影响。
|
||||||
scope-of-influence:
|
scope-of-influence:
|
||||||
linux_kernel <= 4.13.9
|
linux_kernel >=4.9
|
||||||
reference:
|
reference:
|
||||||
- https://nvd.nist.gov/vuln/detail/CVE-2017-1000112
|
- https://nvd.nist.gov/vuln/detail/cve-2017-16995
|
||||||
- https://github.com/xairy/kernel-exploits/tree/master/CVE-2017-1000112
|
- https://github.com/C0dak/CVE-2017-16995
|
||||||
classification:
|
classification:
|
||||||
cvss-metrics: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
|
cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
||||||
cvss-score: 7.0
|
cvss-score: 7.8
|
||||||
cve-id: CVE-2017-1000112
|
cve-id: CVE-2017-16995
|
||||||
cwe-id: CWE-362
|
cwe-id: CWE-119
|
||||||
cnvd-id: None
|
cnvd-id: None
|
||||||
kve-id: None
|
kve-id: None
|
||||||
tags: kernel, Privelege Escalation
|
tags: kernel, memory corruption
|
||||||
Loading…
Reference in New Issue