Linux » Linux Kernel : Security Vulnerabilities, CVEs, Published In August 2017 CVSS score >= 8

CVE-2017-13715

The __skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel before 4.3 does not ensure that n_proto, ip_proto, and thoff are initialized, which allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a single crafted MPLS packet.
Max CVSS
10.0
EPSS Score
1.43%
Published
2017-08-29
Updated
2023-01-17

CVE-2017-12762

In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stable tree, and 4.4-stable tree.
Max CVSS
10.0
EPSS Score
0.94%
Published
2017-08-09
Updated
2023-01-19
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close