Linux : Security Vulnerabilities, CVEs, Published In 2017 (Overflow) CVSS score >= 9
In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stable tree, and 4.4-stable tree.
Max CVSS
10.0
EPSS Score
0.94%
Published
2017-08-09
Updated
2023-01-19
The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted requests, related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c.
Max CVSS
10.0
EPSS Score
90.47%
Published
2017-04-28
Updated
2023-01-19
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-33177895. References: N-CVE-2017-0307.
Max CVSS
9.3
EPSS Score
0.19%
Published
2017-03-08
Updated
2019-10-03
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-34132950. References: N-CVE-2017-0306.
Max CVSS
9.3
EPSS Score
0.19%
Published
2017-03-08
Updated
2019-10-03
Possible buffer overflow in storage subsystem. Bad parameters as part of listener responses to RPMB commands could lead to buffer overflow. Product: Android. Versions: Kernel 3.18. Android ID: A-32577972. References: QC-CR#988462.
Max CVSS
10.0
EPSS Score
0.24%
Published
2017-01-12
Updated
2017-01-18
Possible buffer overflow in SMMU system call. Improper input validation in ADSP SID2CB system call may result in hypervisor memory overwrite. Product: Android. Versions: Kernel 3.18. Android ID: A-31625306. References: QC-CR#1036747.
Max CVSS
10.0
EPSS Score
0.22%
Published
2017-01-12
Updated
2017-01-23
Possible buffer overflow in trust zone access control API. Buffer overflow may occur due to lack of buffer size checking. Product: Android. Versions: Kernel 3.18. Android ID: A-31625204. References: QC-CR#1027804.
Max CVSS
10.0
EPSS Score
0.29%
Published
2017-01-12
Updated
2017-01-18
Integer overflow leading to a TOCTOU condition in hypervisor PIL. An integer overflow exposes a race condition that may be used to bypass (Peripheral Image Loader) PIL authentication. Product: Android. Versions: Kernel 3.18. Android ID: A-31624565. References: QC-CR#1023638.
Max CVSS
10.0
EPSS Score
0.24%
Published
2017-01-12
Updated
2017-01-18
8 vulnerabilities found