Linux : Security Vulnerabilities, CVEs, Published In January 2018 (Overflow)

CVE-2017-16913

The "stub_recv_cmd_submit()" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 when handling CMD_SUBMIT packets allows attackers to cause a denial of service (arbitrary memory allocation) via a specially crafted USB over IP packet.
Max CVSS
7.1
EPSS Score
1.01%
Published
2018-01-31
Updated
2018-08-24

CVE-2017-15128

A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.12. A lack of size check could cause a denial of service (BUG).
Max CVSS
5.5
EPSS Score
0.06%
Published
2018-01-14
Updated
2021-07-15

CVE-2017-15126

A use-after-free flaw was found in fs/userfaultfd.c in the Linux kernel before 4.13.6. The issue is related to the handling of fork failure when dealing with event messages. Failure to fork correctly can lead to a situation where a fork event will be removed from an already freed list of events with userfaultfd_ctx_put().
Max CVSS
9.3
EPSS Score
2.53%
Published
2018-01-14
Updated
2024-02-05
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close