Debian: DSA-3927-1 Critical: Kernel Privilege Escalation Advisory
debian
August 7, 2017
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks
Summary
CVE-2017-7346
Li Qiang discovered that the DRM driver for VMware virtual GPUs does
not properly check user-controlled values in the
vmw_surface_define_ioctl() functions for upper limits. A local user
can take advantage of this flaw to cause a denial of service.
CVE-2017-7482
Shi Lei discovered that RxRPC Kerberos 5 ticket handling code does
not properly verify metadata, leading to information disclosure,
denial of service or potentially execution of arbitrary code.
CVE-2017-7533
Fan Wu and Shixiong Zhao discovered a race condition between inotify
events and VFS rename operations allowing an unprivileged local
attacker to cause a denial of service or escalate privileges.
CVE-2017-7541
A buffer overflow flaw in the Broadcom IEEE802.11n PCIe SoftMAC WLAN
driver could allow a local user to cause kernel memory corruption,
leading to a denial of service or potentially privilege escalation.
CVE-2017-7542
An integer overflow vulnerability in the ip6_fin...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Package: linux
CVE ID: CVE-2017-7346 CVE-2017-7482 CVE-2017-7533 CVE-2017-7541
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!