VDB
CVE-2017-17863
CVE-2017-17863
PUBLISHED
CVSS 7.800000190734863 HIGH
kernel/bpf/verifier.c in the Linux kernel 4.9.x through 4.9.71 does not check the relationship between pointer values and the BPF stack, which allows local users to cause a denial of service (integer overflow or invalid memory access) or possibly have unspecified other impact.
EPSS 0.09% · 26.1th percentile
Risk Scores
CVSS 3.0
7.800000190734863
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.09%
26.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| debian | debian_linux | 9.0 |
| n/a | n/a | n/a |
| linux | linux_kernel | 4.9.0 |
Exploit Intelligence
- Berisi 2 program C dari exploitDB untuk melakukan privillage eskalation untuk ubuntu 16.04 (github-poc)
- Berisi 2 program C dari exploitDB untuk melakukan privillage eskalation untuk ubuntu 16.04 (github-poc)
- Berisi 2 program C dari exploitDB untuk melakukan privillage eskalation untuk ubuntu 16.04 (github-poc)
- Berisi 2 program C dari exploitDB untuk melakukan privillage eskalation untuk ubuntu 16.04 (github-poc)
- ZhiQiAnSecFork/cve-2017-16995 (github-poc)
- ZhiQiAnSecFork/cve-2017-16995 (github-poc)
- ZhiQiAnSecFork/cve-2017-16995 (github-poc)
- ZhiQiAnSecFork/cve-2017-16995 (github-poc)
- mareks1007/cve-2017-16995 (github-poc)
- mareks1007/cve-2017-16995 (github-poc)
…and 53 more exploits
Timeline
- Dec 23, 2017 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 28, 2022 EPSS Score
- May 2, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 5, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
References
- 1040058 vdb
- USN-3523-3 vendor-advisory
- https://www.spinics.net/lists/stable/msg206985.html url
- 102321 vdb
- DSA-4073 vendor-advisory
- USN-3523-2 vendor-advisory
- https://anonscm.debian.org/cgit/kernel/linux.git/tree/debian/patches/bugfix/all/bpf-reject-out-of-bounds-stack-pointer-calculation.patch?h=stretch-security url
- https://nvd.nist.gov/vuln/detail/CVE-2017-17863 advisory
- https://usn.ubuntu.com/3523-3 url
- https://usn.ubuntu.com/usn/usn-3523-2 url
- https://usn.ubuntu.com/usn/usn-3522-4/ advisory
- https://usn.ubuntu.com/usn/usn-3523-1/ advisory
- https://usn.ubuntu.com/usn/usn-3522-1/ advisory
- https://usn.ubuntu.com/usn/usn-3524-2/ advisory
- https://usn.ubuntu.com/usn/usn-3522-3/ advisory
- https://usn.ubuntu.com/usn/usn-3524-1/ advisory
- https://usn.ubuntu.com/usn/usn-3522-2/ advisory