VDB
CVE-2017-13694
CVE-2017-13694
PUBLISHED
The acpi_ps_complete_final_op() function in drivers/acpi/acpica/psobject.c in the Linux kernel through 4.12.9 does not flush the node and node_ext caches and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table.
EPSS 0.12% · 30.9th percentile
Risk Scores
EPSS Score
0.12%
30.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:Pro:FIPS-updates:20.04:LTS | linux-azure-fips | 5.4.0-1116.123+fips1, 5.4.0-1117.124+fips1, 5.4.0-1118.125+fips1 |
| Ubuntu:Pro:20.04:LTS | linux-azure | 5.4.0-1133.140, 5.4.0-1134.141, 5.4.0-1059.62 |
| Ubuntu:Pro:20.04:LTS | linux-oracle | 5.4.0-1024.24, 5.4.0-1015.15, 5.4.0-1007.7 |
| Ubuntu:22.04:LTS | linux-starfive-6.2 | 6.2.0-1007.8~22.04.1, 6.2.0-1009.10~22.04.1, 0 |
| Ubuntu:22.04:LTS | linux-ibm-6.8 | 6.8.0-1014.14~22.04.1, 6.8.0-1013.13~22.04.1, 6.8.0-1012.12~22.04.1 |
| Ubuntu:25.10 | linux-azure-fde | 6.17.0-1005.5, 6.17.0-1004.4, 6.17.0-1003.3 |
| Ubuntu:Pro:FIPS-updates:22.04:LTS | linux-azure-fips | *, *, 5.15.0-1072.81+fips1 |
| Ubuntu:Pro:20.04:LTS | linux-lowlatency-hwe-5.15 | 0, 5.15.0-33.34~20.04.1, 5.15.0-42.45~20.04.1 |
| Ubuntu:Pro:FIPS:20.04:LTS | linux-azure-fips | 5.4.0-1022.22+fips1, 0 |
| Ubuntu:24.04:LTS | linux-azure-6.14 | 0, 6.14.0-1010.10~24.04.1, * |
| Ubuntu:22.04:LTS | linux-intel-iotg | 5.15.0-1072.78, 5.15.0-1093.99, 5.15.0-1090.96 |
| Ubuntu:24.04:LTS | linux-gcp-6.14 | 6.14.0-1018.19~24.04.1, 6.14.0-1019.20~24.04.1, * |
| Ubuntu:Pro:18.04:LTS | linux | 4.15.0-211.222, 4.15.0-213.224, 4.15.0-216.227 |
| Ubuntu:22.04:LTS | linux-aws-5.19 | 5.19.0-1026.27~22.04.1, 5.19.0-1025.26~22.04.1, 5.19.0-1024.25~22.04.1 |
| Ubuntu:22.04:LTS | linux-raspi | 5.15.0-1059.62, 5.15.0-1064.67, 5.15.0-1062.65 |
| Ubuntu:22.04:LTS | linux-azure-fde-5.19 | *, 5.19.0-1026.29~22.04.1.1, 5.19.0-1025.28~22.04.1.1 |
| Ubuntu:Pro:Realtime:24.04:LTS | linux-realtime-6.14 | 6.14.0-1003.3~24.04.3, 0, * |
| Ubuntu:24.04:LTS | linux-oem-6.8 | 6.8.0-1014.14, 6.8.0-1024.24, 6.8.0-1025.25 |
| Ubuntu:22.04:LTS | linux-hwe-6.8 | *, 6.8.0-86.87~22.04.1, 6.8.0-85.85~22.04.1 |
| Ubuntu:24.04:LTS | linux-nvidia-6.11 | 6.11.0-1002.2, 6.11.0-1010.10, 0 |
…and 218 more
Timeline
- Aug 25, 2017 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 28, 2022 EPSS Score
- May 2, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 5, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2017-13694 third-party-advisory
- https://patchwork.kernel.org/patch/9806085/ third-party-advisory
- https://github.com/acpica/acpica/pull/278/commits/4a0243ecb4c94e2d73510d096c5ea4d0711fc6c0 third-party-advisory
- https://github.com/acpica/acpica/pull/278/commits/8829e70e1360c81e7a5a901b5d4f48330e021ea5 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2017-13694 third-party-advisory