Skip to main content
CVE-2017-10661 HIGH POC PATCH THREAT Act Now

Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. Public exploit code available and EPSS exploitation probability 25.7%.

Denial Of Service Memory Corruption Linux Use After Free Linux Kernel +5
NVD GitHub Exploit-DB
CVSS 3.1
7.0
EPSS
25.7%
CVE-2017-11323 HIGH POC This Week

Stack-based buffer overflow in ESTsoft ALZip 8.51 and earlier allows remote attackers to execute arbitrary code via a crafted MS-DOS device file, as demonstrated by use of "AUX" as the initial. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Alzip
NVD
CVSS 3.1
7.8
EPSS
9.8%
CVE-2017-10663 HIGH PATCH This Week

The sanity_check_ckpt function in fs/f2fs/super.c in the Linux kernel before 4.12.4 does not validate the blkoff and segno arrays, which allows local users to gain privileges via unspecified vectors. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Linux Information Disclosure Linux Kernel
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2017-10662 HIGH PATCH This Week

The sanity_check_raw_super function in fs/f2fs/super.c in the Linux kernel before 4.11.1 does not validate the segment count, which allows local users to gain privileges via unspecified vectors. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Linux Information Disclosure Linux Kernel
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2017-12967 MEDIUM PATCH This Month

The getsym function in tekhex.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (stack-based buffer. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Denial Of Service Information Disclosure Binutils
NVD
CVSS 3.0
6.5
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy