DEBIAN-CVE-2017-16994

DEBIAN-CVE-2017-16994 PUBLISHED CVSS 5.5 MEDIUM

The walk_hugetlb_range function in mm/pagewalk.c in the Linux kernel before 4.14.2 mishandles holes in hugetlb ranges, which allows local users to obtain sensitive information from uninitialized kernel memory via crafted use of the mincore() system call.

Risk Scores

CVSS 3.0

5.5

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products

Vendor	Product	Versions
Debian:13	linux	0, 0, 0
Debian:14	linux	0, 0, 0
Debian:12	linux	0, 0, 0
Debian:11	linux	0, 0, 0

Exploit Intelligence

jedai47/CVE-2017-16994 (github-poc-repo)

Timeline

Nov 27, 2017 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2017-16994 advisory

Open in Interactive Console →