Virtualization Host
CVE-2017-1000407
HIGH
Severity by source
AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionCVE.org
The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic.
AnalysisAI
The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic. Rated high severity (CVSS 7.4), this vulnerability is no authentication required, low attack complexity.
Technical ContextAI
This vulnerability is classified under CWE-754. The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic. Affected products include: Redhat Virtualization Host, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Server, Redhat Enterprise Linux Server Aus, Redhat Enterprise Linux Server Eus.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Virtualization Host
View allIn glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before th
A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with
In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanout_add from setsockopt
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that t
An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier m
A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.
A vulnerability was found in Undertow web server before 2.0.21. Rated critical severity (CVSS 9.8), this vulnerability i
stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arg
org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass int
An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or
The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl cal
The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.16.3 allows local users to
Same technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today