Vulnetix
Try Vulnetix Request Demo
CVE-2017-11472 PUBLISHED

The acpi_ns_terminate() function in drivers/acpi/acpica/nsutils.c in the Linux kernel before 4.12 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table.

EPSS 0.07% · 20.4th percentile

Risk Scores

EPSS Score
0.07%
20.4th percentile

Affected Products

VendorProductVersions
Ubuntu:24.04:LTSlinux-lowlatency-hwe-6.110, 6.11.0-1009.10~24.04.1, 6.11.0-1011.12~24.04.1
Ubuntu:22.04:LTSlinux-riscv5.15.0-1007.7, 5.15.0-1008.8, 5.15.0-1011.12
Ubuntu:16.04:LTSlinux4.4.0-98.121, 4.4.0-101.124, 4.4.0-103.126
Ubuntu:16.04:LTSlinux-azure0, 4.11.0-1009.9, 4.11.0-1016.16
Ubuntu:22.04:LTSlinux-realtime5.15.0-1032.35, 0
Ubuntu:24.04:LTSlinux-azure-6.116.11.0-1017.17~24.04.1, 6.11.0-1018.18~24.04.1, 6.11.0-1008.8~24.04.1
Ubuntu:22.04:LTSlinux-intel-iot-realtime0, 5.15.0-1073.75
Ubuntu:Pro:20.04:LTSlinux-azure-fde-5.155.15.0-1021.26~20.04.1.1, 5.15.0-1020.25~20.04.1.1, 5.15.0-1019.24~20.04.1.1
Ubuntu:16.04:LTSlinux-gcp4.10.0-1006.6, 4.10.0-1009.9, 4.10.0-1004.4
Ubuntu:20.04:LTSlinux-riscv5.4.0-30.34, 5.4.0-31.35, 5.4.0-33.37
Ubuntu:20.04:LTSlinux-raspi25.4.0-1006.6, 0, 5.3.0-1007.8
Ubuntu:16.04:LTSlinux-kvm4.4.0-1007.12, 4.4.0-1019.24, 4.4.0-1004.9
Ubuntu:24.04:LTSlinux-raspi-realtime6.8.0-2019.20, 0
Ubuntu:14.04:LTSlinux-aws4.4.0-1010.10, 4.4.0-1009.9, 4.4.0-1006.6
Ubuntu:14.04:LTSlinux0, 3.11.0-12.19, 3.12.0-1.3
Ubuntu:Pro:FIPS:16.04:LTSlinux-fips0, 4.4.0-1006.6, 4.4.0-1005.5
Ubuntu:24.04:LTSlinux-gcp-6.116.11.0-1014.14~24.04.1, 6.11.0-1013.13~24.04.1, 6.11.0-1011.11~24.04.1
Ubuntu:24.04:LTSlinux-hwe-6.116.11.0-25.25~24.04.1, 6.11.0-26.26~24.04.1, 6.11.0-24.24~24.04.1
Ubuntu:16.04:LTSlinux-snapdragon4.4.0-1015.18, 0, 4.4.0-1012.12
Ubuntu:20.04:LTSlinux-gke5.4.0-1083.89, 5.4.0-1057.60, 5.4.0-1056.59

…and 5 more

Timeline

References

Open in Interactive Console →