Debian : Security Vulnerabilities, CVEs, Published In 2017 (Memory corruption)
Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a 'secure boot' kernel command line adversary (can happen due to bootloader vulns, e.g. Google Nexus 6's CVE-2016-10277, where due to a vulnerability the adversary has partial control over the command line) can overflow the parport_nr array in the following code, by appending many (>LP_NO) 'lp=none' arguments to the command line.
Max CVSS
7.8
EPSS Score
0.04%
Published
2017-07-17
Updated
2023-01-17
The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space.
Max CVSS
8.0
EPSS Score
0.79%
Published
2017-09-12
Updated
2023-01-19
Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_VERSION. This time with PACKET_RESERVE. The solution is similar: lock the socket for the update. This issue may be exploitable, we did not investigate further. As this issue affects PF_PACKET sockets, it requires CAP_NET_RAW in the process namespace. But note that with user namespaces enabled, any process can create a namespace in which it has CAP_NET_RAW.
Max CVSS
7.8
EPSS Score
0.06%
Published
2017-10-05
Updated
2023-01-17
Exiv2 0.26 has a Null Pointer Dereference in the Exiv2::DataValue::toLong function in value.cpp, related to crafted metadata in a TIFF file.
Max CVSS
5.5
EPSS Score
0.06%
Published
2017-12-31
Updated
2023-01-13
The check_stack_boundary function in kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of invalid variable stack read operations.
Max CVSS
7.8
EPSS Score
0.04%
Published
2017-12-27
Updated
2023-02-07
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the lack of stack-pointer alignment enforcement.
Max CVSS
7.8
EPSS Score
0.04%
Published
2017-12-27
Updated
2023-02-07
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging improper use of pointers in place of scalars.
Max CVSS
7.8
EPSS Score
0.04%
Published
2017-12-27
Updated
2023-02-24
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (integer overflow and memory corruption) or possibly have unspecified other impact by leveraging unrestricted integer values for pointer arithmetic.
Max CVSS
7.8
EPSS Score
0.04%
Published
2017-12-27
Updated
2023-02-07
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect BPF_RSH signed bounds calculations.
Max CVSS
7.8
EPSS Score
0.04%
Published
2017-12-27
Updated
2023-01-19
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of 32-bit ALU ops.
Max CVSS
7.8
EPSS Score
0.04%
Published
2017-12-27
Updated
2023-01-19
The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel stack buffer overflow by executing a crafted sequence of system calls that encounter a missing SHA-3 initialization.
Max CVSS
7.8
EPSS Score
0.04%
Published
2017-12-20
Updated
2023-01-19
In GIMP 2.8.22, there is a heap-based buffer overflow in read_channel_data in plug-ins/common/file-psp.c.
Max CVSS
7.8
EPSS Score
0.14%
Published
2017-12-20
Updated
2022-02-07
In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c.
Max CVSS
7.8
EPSS Score
0.16%
Published
2017-12-20
Updated
2022-02-07
ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in Magick++/lib/Image.cpp.
Max CVSS
9.8
EPSS Score
1.39%
Published
2017-12-11
Updated
2020-10-28
In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtovolume function in jp3d/convert.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution.
Max CVSS
9.8
EPSS Score
2.25%
Published
2017-12-08
Updated
2021-02-03
In Heimdal through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. The parser would unconditionally dereference NULL pointers in that case, leading to a segmentation fault. This is related to the _kdc_as_rep function in kdc/kerberos5.c and the der_length_visible_string function in lib/asn1/der_length.c.
Max CVSS
7.5
EPSS Score
66.03%
Published
2017-12-06
Updated
2017-12-30
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging register truncation mishandling.
Max CVSS
7.8
EPSS Score
0.04%
Published
2017-12-27
Updated
2023-01-19
CVE-2017-16995
Public exploit
The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4.4 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect sign extension.
Max CVSS
7.8
EPSS Score
0.05%
Published
2017-12-27
Updated
2023-01-19
The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via vectors involving BDAT commands.
Max CVSS
9.8
EPSS Score
52.70%
Published
2017-11-25
Updated
2021-05-04
The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages.
Max CVSS
7.8
EPSS Score
0.04%
Published
2017-11-24
Updated
2023-01-19
The get_endpoints function in drivers/usb/misc/usbtest.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.
Max CVSS
7.2
EPSS Score
0.04%
Published
2017-11-04
Updated
2024-03-14
sound/usb/mixer.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (snd_usb_mixer_interrupt use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device.
Max CVSS
7.2
EPSS Score
0.04%
Published
2017-11-04
Updated
2024-03-14
The usb_serial_console_disconnect function in drivers/usb/serial/console.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device, related to disconnection and failed setup.
Max CVSS
7.2
EPSS Score
0.04%
Published
2017-11-04
Updated
2024-04-01
In ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26, a Null Pointer Dereference occurs while transferring JPEG scanlines, related to a PixelPacket pointer.
Max CVSS
8.8
EPSS Score
0.70%
Published
2017-10-27
Updated
2019-06-30
In Irssi before 1.0.5, overlong nicks or targets may result in a NULL pointer dereference while splitting the message.
Max CVSS
7.5
EPSS Score
0.23%
Published
2017-10-22
Updated
2019-03-14