cvelistv5 - cve-2017-7889

CVE-2017-7889 (GCVE-0-2017-7889)

Vulnerability from cvelistv5

Published

2017-04-17 00:00

Modified

2024-08-05 16:19

Severity ?

CWE

Summary

The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application that opens the /dev/mem file, related to arch/x86/mm/init.c and drivers/char/mem.c.

References

URL

Tags

	https://github.com/torvalds/linux/commit/a4866aa812518ed1a37d8ea0c881dc946409de94	x_refsource_MISC
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a4866aa812518ed1a37d8ea0c881dc946409de94	x_refsource_MISC
	https://usn.ubuntu.com/3583-2/	vendor-advisory, x_refsource_UBUNTU
	https://access.redhat.com/errata/RHSA-2017:2669	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:1854	vendor-advisory, x_refsource_REDHAT
	https://usn.ubuntu.com/3583-1/	vendor-advisory, x_refsource_UBUNTU
	http://www.debian.org/security/2017/dsa-3945	vendor-advisory, x_refsource_DEBIAN
	http://www.securityfocus.com/bid/97690	vdb-entry, x_refsource_BID
	https://access.redhat.com/errata/RHSA-2017:2077	vendor-advisory, x_refsource_REDHAT
	http://www.openwall.com/lists/oss-security/2017/04/16/4	x_refsource_MISC
	https://access.redhat.com/errata/RHSA-2017:1842	vendor-advisory, x_refsource_REDHAT
	https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=b8f254aa17f720053054c4ecff3920973a83b9d6	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:19:28.575Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/a4866aa812518ed1a37d8ea0c881dc946409de94"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a4866aa812518ed1a37d8ea0c881dc946409de94"
          },
          {
            "name": "USN-3583-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3583-2/"
          },
          {
            "name": "RHSA-2017:2669",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2669"
          },
          {
            "name": "RHSA-2018:1854",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1854"
          },
          {
            "name": "USN-3583-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3583-1/"
          },
          {
            "name": "DSA-3945",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3945"
          },
          {
            "name": "97690",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/97690"
          },
          {
            "name": "RHSA-2017:2077",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2077"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2017/04/16/4"
          },
          {
            "name": "RHSA-2017:1842",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:1842"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=b8f254aa17f720053054c4ecff3920973a83b9d6"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-04-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application that opens the /dev/mem file, related to arch/x86/mm/init.c and drivers/char/mem.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-01-05T20:01:31.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/torvalds/linux/commit/a4866aa812518ed1a37d8ea0c881dc946409de94"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a4866aa812518ed1a37d8ea0c881dc946409de94"
        },
        {
          "name": "USN-3583-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3583-2/"
        },
        {
          "name": "RHSA-2017:2669",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2669"
        },
        {
          "name": "RHSA-2018:1854",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1854"
        },
        {
          "name": "USN-3583-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3583-1/"
        },
        {
          "name": "DSA-3945",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3945"
        },
        {
          "name": "97690",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/97690"
        },
        {
          "name": "RHSA-2017:2077",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2077"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2017/04/16/4"
        },
        {
          "name": "RHSA-2017:1842",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:1842"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=b8f254aa17f720053054c4ecff3920973a83b9d6"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-7889",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application that opens the /dev/mem file, related to arch/x86/mm/init.c and drivers/char/mem.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/torvalds/linux/commit/a4866aa812518ed1a37d8ea0c881dc946409de94",
              "refsource": "MISC",
              "url": "https://github.com/torvalds/linux/commit/a4866aa812518ed1a37d8ea0c881dc946409de94"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a4866aa812518ed1a37d8ea0c881dc946409de94",
              "refsource": "MISC",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a4866aa812518ed1a37d8ea0c881dc946409de94"
            },
            {
              "name": "USN-3583-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3583-2/"
            },
            {
              "name": "RHSA-2017:2669",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2669"
            },
            {
              "name": "RHSA-2018:1854",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1854"
            },
            {
              "name": "USN-3583-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3583-1/"
            },
            {
              "name": "DSA-3945",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3945"
            },
            {
              "name": "97690",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/97690"
            },
            {
              "name": "RHSA-2017:2077",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2077"
            },
            {
              "name": "http://www.openwall.com/lists/oss-security/2017/04/16/4",
              "refsource": "MISC",
              "url": "http://www.openwall.com/lists/oss-security/2017/04/16/4"
            },
            {
              "name": "RHSA-2017:1842",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:1842"
            },
            {
              "name": "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=b8f254aa17f720053054c4ecff3920973a83b9d6",
              "refsource": "CONFIRM",
              "url": "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=b8f254aa17f720053054c4ecff3920973a83b9d6"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-7889",
    "datePublished": "2017-04-17T00:00:00.000Z",
    "dateReserved": "2017-04-16T00:00:00.000Z",
    "dateUpdated": "2024-08-05T16:19:28.575Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTFR-2017-AVI-233

Vulnerability from certfr_avis

De multiples vulnérabilités ont été corrigées dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une exécution de code arbitraire et un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Ubuntu	Ubuntu	Ubuntu 16.04 LTS
Ubuntu	Ubuntu	Ubuntu 17.04
Ubuntu	Ubuntu	Ubuntu 16.10
Ubuntu	Ubuntu	Ubuntu 14.04 LTS

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-3360-1 du 21 juillet 2017	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-3364-2 du 24 juillet 2017	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-3361-1 du 21 juillet 2017	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-3358-1 du 20 juillet 2017	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-3360-2 du 21 juillet 2017	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-3364-1 du 24 juillet 2017	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-3364-3 du 25 juillet 2017	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-3371-1 du 28 juillet 2017	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-3359-1 du 21 juillet 2017	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 16.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 17.04",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 16.10",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 14.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2017-9150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9150"
    },
    {
      "name": "CVE-2017-5549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5549"
    },
    {
      "name": "CVE-2015-8967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8967"
    },
    {
      "name": "CVE-2017-2584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2584"
    },
    {
      "name": "CVE-2017-7618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7618"
    },
    {
      "name": "CVE-2017-6348",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-6348"
    },
    {
      "name": "CVE-2017-7472",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7472"
    },
    {
      "name": "CVE-2017-6346",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-6346"
    },
    {
      "name": "CVE-2017-7895",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7895"
    },
    {
      "name": "CVE-2015-8944",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8944"
    },
    {
      "name": "CVE-2017-7645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7645"
    },
    {
      "name": "CVE-2017-5970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5970"
    },
    {
      "name": "CVE-2017-9074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9074"
    },
    {
      "name": "CVE-2017-8925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-8925"
    },
    {
      "name": "CVE-2017-2618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2618"
    },
    {
      "name": "CVE-2014-9900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9900"
    },
    {
      "name": "CVE-2016-8405",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-8405"
    },
    {
      "name": "CVE-2017-7273",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7273"
    },
    {
      "name": "CVE-2017-6345",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-6345"
    },
    {
      "name": "CVE-2017-6214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-6214"
    },
    {
      "name": "CVE-2017-7616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7616"
    },
    {
      "name": "CVE-2015-8963",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8963"
    },
    {
      "name": "CVE-2017-6347",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-6347"
    },
    {
      "name": "CVE-2016-9083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9083"
    },
    {
      "name": "CVE-2017-7346",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7346"
    },
    {
      "name": "CVE-2017-2671",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2671"
    },
    {
      "name": "CVE-2015-8955",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8955"
    },
    {
      "name": "CVE-2017-2583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2583"
    },
    {
      "name": "CVE-2016-9755",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9755"
    },
    {
      "name": "CVE-2017-5550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5550"
    },
    {
      "name": "CVE-2017-9605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9605"
    },
    {
      "name": "CVE-2015-8966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8966"
    },
    {
      "name": "CVE-2016-10208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-10208"
    },
    {
      "name": "CVE-2016-10088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-10088"
    },
    {
      "name": "CVE-2017-5897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5897"
    },
    {
      "name": "CVE-2017-7187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7187"
    },
    {
      "name": "CVE-2016-9191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9191"
    },
    {
      "name": "CVE-2015-8962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8962"
    },
    {
      "name": "CVE-2017-2596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2596"
    },
    {
      "name": "CVE-2017-8924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-8924"
    },
    {
      "name": "CVE-2017-7889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7889"
    },
    {
      "name": "CVE-2017-1000380",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000380"
    },
    {
      "name": "CVE-2016-9604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9604"
    },
    {
      "name": "CVE-2017-5576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5576"
    },
    {
      "name": "CVE-2017-5551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5551"
    },
    {
      "name": "CVE-2017-5546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5546"
    },
    {
      "name": "CVE-2017-6001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-6001"
    },
    {
      "name": "CVE-2015-8964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8964"
    },
    {
      "name": "CVE-2016-9084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9084"
    },
    {
      "name": "CVE-2017-7261",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7261"
    },
    {
      "name": "CVE-2016-8636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-8636"
    },
    {
      "name": "CVE-2017-5669",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5669"
    }
  ],
  "initial_release_date": "2017-07-21T00:00:00",
  "last_revision_date": "2017-07-31T00:00:00",
  "links": [],
  "reference": "CERTFR-2017-AVI-233",
  "revisions": [
    {
      "description": "mise \u00e0 jour des bulletins, vuln\u00e9rabilit\u00e9s et syst\u00e8mes affect\u00e9s.",
      "revision_date": "2017-07-21T00:00:00.000000"
    },
    {
      "description": "ajout du bulletin de s\u00e9curit\u00e9 Ubuntu USN-3360-2 du 21 juillet 2017.",
      "revision_date": "2017-07-24T00:00:00.000000"
    },
    {
      "description": "ajout des bulletins de s\u00e9curit\u00e9 Ubuntu USN-3364-1 et USN-3364-2 du 24 juillet 2017.",
      "revision_date": "2017-07-25T00:00:00.000000"
    },
    {
      "description": "ajout du bulletin de s\u00e9curit\u00e9 Ubuntu USN-3364-3 du 25 juillet 2017.",
      "revision_date": "2017-07-26T00:00:00.000000"
    },
    {
      "description": "ajout du bulletin de s\u00e9curit\u00e9 Ubuntu USN-3371-1 du 28 juillet 2017.",
      "revision_date": "2017-07-31T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux d\u0027Ubuntu\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une ex\u00e9cution de code arbitraire et un d\u00e9ni de service \u00e0\ndistance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3360-1 du 21 juillet 2017",
      "url": "https://usn.ubuntu.com/usn/usn-3360-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3364-2 du 24 juillet 2017",
      "url": "https://usn.ubuntu.com/usn/usn-3364-2/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3361-1 du 21 juillet 2017",
      "url": "https://usn.ubuntu.com/usn/usn-3361-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3358-1 du 20 juillet 2017",
      "url": "https://usn.ubuntu.com/usn/usn-3358-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3360-2 du 21 juillet 2017",
      "url": "https://usn.ubuntu.com/usn/usn-3360-2/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3364-1 du 24 juillet 2017",
      "url": "https://usn.ubuntu.com/usn/usn-3364-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3364-3 du 25 juillet 2017",
      "url": "https://usn.ubuntu.com/usn/usn-3364-3/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3371-1 du 28 juillet 2017",
      "url": "https://usn.ubuntu.com/usn/usn-3371-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3359-1 du 21 juillet 2017",
      "url": "https://usn.ubuntu.com/usn/usn-3359-1/"
    }
  ]
}

CERTFR-2017-AVI-383

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE . Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server for SAP 12-SP1
SUSE	N/A	SUSE Linux Enterprise Module for Public Cloud 12
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server 12-SP1-LTSS
SUSE	N/A	SUSE OpenStack Cloud 6

References

Title

Publication Time

Tags

Bulletin de sécurité SUSE suse-su-20172908-1 du 30 octobre 2017

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SUSE Linux Enterprise Server for SAP 12-SP1",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Public Cloud 12",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 12-SP1-LTSS",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE OpenStack Cloud 6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2017-12153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12153"
    },
    {
      "name": "CVE-2017-14106",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-14106"
    },
    {
      "name": "CVE-2017-1000365",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000365"
    },
    {
      "name": "CVE-2017-15274",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-15274"
    },
    {
      "name": "CVE-2017-8831",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-8831"
    },
    {
      "name": "CVE-2017-15649",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-15649"
    },
    {
      "name": "CVE-2017-11176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-11176"
    },
    {
      "name": "CVE-2017-7482",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7482"
    },
    {
      "name": "CVE-2017-6346",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-6346"
    },
    {
      "name": "CVE-2017-10661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-10661"
    },
    {
      "name": "CVE-2017-12762",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12762"
    },
    {
      "name": "CVE-2017-9242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9242"
    },
    {
      "name": "CVE-2017-14051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-14051"
    },
    {
      "name": "CVE-2017-9074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9074"
    },
    {
      "name": "CVE-2017-8925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-8925"
    },
    {
      "name": "CVE-2017-9077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9077"
    },
    {
      "name": "CVE-2017-9076",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9076"
    },
    {
      "name": "CVE-2017-12154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12154"
    },
    {
      "name": "CVE-2017-1000363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000363"
    },
    {
      "name": "CVE-2017-15265",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-15265"
    },
    {
      "name": "CVE-2017-7487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7487"
    },
    {
      "name": "CVE-2017-7541",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7541"
    },
    {
      "name": "CVE-2017-7542",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7542"
    },
    {
      "name": "CVE-2017-14140",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-14140"
    },
    {
      "name": "CVE-2017-8924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-8924"
    },
    {
      "name": "CVE-2017-7889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7889"
    },
    {
      "name": "CVE-2017-1000380",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000380"
    },
    {
      "name": "CVE-2017-8890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-8890"
    },
    {
      "name": "CVE-2017-9075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9075"
    },
    {
      "name": "CVE-2017-7518",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7518"
    },
    {
      "name": "CVE-2016-10277",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-10277"
    },
    {
      "name": "CVE-2017-12192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12192"
    },
    {
      "name": "CVE-2017-13080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13080"
    }
  ],
  "initial_release_date": "2017-10-31T00:00:00",
  "last_revision_date": "2017-10-31T00:00:00",
  "links": [],
  "reference": "CERTFR-2017-AVI-383",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2017-10-31T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE . Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20172908-1 du 30 octobre 2017",
      "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172908-1/"
    }
  ]
}

CERTFR-2017-AVI-390

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE . Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server 12-LTSS
	SUSE	N/A	SUSE Linux Enterprise Module for Public Cloud 12

References

Title

Publication Time

Tags

Bulletin de sécurité SUSE suse-su-20172920-1 du 02 novembre 2017

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SUSE Linux Enterprise Server 12-LTSS",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Public Cloud 12",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2017-12153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12153"
    },
    {
      "name": "CVE-2017-14106",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-14106"
    },
    {
      "name": "CVE-2017-1000365",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000365"
    },
    {
      "name": "CVE-2017-15274",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-15274"
    },
    {
      "name": "CVE-2015-9004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-9004"
    },
    {
      "name": "CVE-2017-8831",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-8831"
    },
    {
      "name": "CVE-2017-15649",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-15649"
    },
    {
      "name": "CVE-2017-2647",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2647"
    },
    {
      "name": "CVE-2017-11176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-11176"
    },
    {
      "name": "CVE-2017-7482",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7482"
    },
    {
      "name": "CVE-2017-6346",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-6346"
    },
    {
      "name": "CVE-2017-10661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-10661"
    },
    {
      "name": "CVE-2017-12762",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12762"
    },
    {
      "name": "CVE-2017-9242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9242"
    },
    {
      "name": "CVE-2017-14051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-14051"
    },
    {
      "name": "CVE-2017-6951",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-6951"
    },
    {
      "name": "CVE-2017-9074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9074"
    },
    {
      "name": "CVE-2017-8925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-8925"
    },
    {
      "name": "CVE-2017-9077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9077"
    },
    {
      "name": "CVE-2016-10229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-10229"
    },
    {
      "name": "CVE-2017-9076",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9076"
    },
    {
      "name": "CVE-2017-12154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12154"
    },
    {
      "name": "CVE-2017-1000363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000363"
    },
    {
      "name": "CVE-2017-8106",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-8106"
    },
    {
      "name": "CVE-2017-15265",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-15265"
    },
    {
      "name": "CVE-2017-7487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7487"
    },
    {
      "name": "CVE-2017-7541",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7541"
    },
    {
      "name": "CVE-2017-7542",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7542"
    },
    {
      "name": "CVE-2017-14140",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-14140"
    },
    {
      "name": "CVE-2017-8924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-8924"
    },
    {
      "name": "CVE-2017-7889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7889"
    },
    {
      "name": "CVE-2017-1000380",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000380"
    },
    {
      "name": "CVE-2016-9604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9604"
    },
    {
      "name": "CVE-2017-8890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-8890"
    },
    {
      "name": "CVE-2017-9075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9075"
    },
    {
      "name": "CVE-2017-7518",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7518"
    },
    {
      "name": "CVE-2016-10277",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-10277"
    },
    {
      "name": "CVE-2017-12192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12192"
    },
    {
      "name": "CVE-2017-13080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13080"
    }
  ],
  "initial_release_date": "2017-11-03T00:00:00",
  "last_revision_date": "2017-11-03T00:00:00",
  "links": [],
  "reference": "CERTFR-2017-AVI-390",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2017-11-03T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    },
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE . Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20172920-1 du 02 novembre 2017",
      "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172920-1/"
    }
  ]
}

CERTFR-2018-AVI-525

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans F5 BIG IP. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
F5	BIG-IP	BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator, WebSafe) versions 11.x antérieures à 11.5.7
F5	BIG-IP	BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator, WebSafe) versions 11.6.x antérieures à 11.6.3.3
F5	BIG-IP	BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator, WebSafe, PSM) versions 14.x antérieures à 14.0.0.3
F5	BIG-IP	BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator, WebSafe, PSM) versions 13.x antérieures à 13.1.1.2
F5	BIG-IP	BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator, WebSafe) versions 12.x antérieures à 12.1.3.7

References

Title

Publication Time

Tags

Bulletin de sécurité F5 K64208870 du 31 octobre 2018	None	vendor-advisory
Bulletin de sécurité F5 K26583415 du 31 octobre 2018	None	vendor-advisory
Bulletin de sécurité F5 K20222812 du 31 octobre 2018	None	vendor-advisory
Bulletin de sécurité F5 K80440915 du 01 novembre 2018	None	vendor-advisory
Bulletin de sécurité F5 K34652116 du 31 octobre 2018	None	vendor-advisory
Bulletin de sécurité F5 K28003839 du 31 octobre 2018	None	vendor-advisory
Bulletin de sécurité F5 K01067037 du 31 octobre 2018	None	vendor-advisory
Bulletin de sécurité F5 K16248201 du 31 octobre 2018	None	vendor-advisory
Bulletin de sécurité F5 K43625118 du 31 octobre 2018	None	vendor-advisory
Bulletin de sécurité F5 K77313277 du 31 octobre 2018	None	vendor-advisory
Bulletin de sécurité F5 K60104355 du 01 novembre 2018	None	vendor-advisory
Bulletin de sécurité F5 K72442354 du 31 octobre 2018	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator, WebSafe) versions 11.x ant\u00e9rieures \u00e0 11.5.7",
      "product": {
        "name": "BIG-IP",
        "vendor": {
          "name": "F5",
          "scada": false
        }
      }
    },
    {
      "description": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator, WebSafe) versions 11.6.x ant\u00e9rieures \u00e0 11.6.3.3",
      "product": {
        "name": "BIG-IP",
        "vendor": {
          "name": "F5",
          "scada": false
        }
      }
    },
    {
      "description": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator, WebSafe, PSM) versions 14.x ant\u00e9rieures \u00e0 14.0.0.3",
      "product": {
        "name": "BIG-IP",
        "vendor": {
          "name": "F5",
          "scada": false
        }
      }
    },
    {
      "description": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator, WebSafe, PSM) versions 13.x ant\u00e9rieures \u00e0 13.1.1.2",
      "product": {
        "name": "BIG-IP",
        "vendor": {
          "name": "F5",
          "scada": false
        }
      }
    },
    {
      "description": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator, WebSafe) versions 12.x ant\u00e9rieures \u00e0 12.1.3.7",
      "product": {
        "name": "BIG-IP",
        "vendor": {
          "name": "F5",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-15318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-15318"
    },
    {
      "name": "CVE-2018-15319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-15319"
    },
    {
      "name": "CVE-2017-5970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5970"
    },
    {
      "name": "CVE-2018-15323",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-15323"
    },
    {
      "name": "CVE-2018-15322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-15322"
    },
    {
      "name": "CVE-2018-15325",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-15325"
    },
    {
      "name": "CVE-2018-15321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-15321"
    },
    {
      "name": "CVE-2018-15320",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-15320"
    },
    {
      "name": "CVE-2018-15326",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-15326"
    },
    {
      "name": "CVE-2018-15327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-15327"
    },
    {
      "name": "CVE-2017-7889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7889"
    },
    {
      "name": "CVE-2018-15317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-15317"
    }
  ],
  "initial_release_date": "2018-10-31T00:00:00",
  "last_revision_date": "2018-11-02T00:00:00",
  "links": [],
  "reference": "CERTFR-2018-AVI-525",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2018-10-31T00:00:00.000000"
    },
    {
      "description": "Ajout des bulletins de s\u00e9curit\u00e9 F5 K80440915 et K60104355 du 01 novembre 2018.",
      "revision_date": "2018-11-02T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans F5 BIG IP.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni\nde service \u00e0 distance, un contournement de la politique de s\u00e9curit\u00e9 et\nune atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans F5 BIG IP",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 F5 K64208870 du 31 octobre 2018",
      "url": "https://support.f5.com/csp/article/K64208870"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 F5 K26583415 du 31 octobre 2018",
      "url": "https://support.f5.com/csp/article/K26583415"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 F5 K20222812 du 31 octobre 2018",
      "url": "https://support.f5.com/csp/article/K20222812"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 F5 K80440915 du 01 novembre 2018",
      "url": "https://support.f5.com/csp/article/K80440915"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 F5 K34652116 du 31 octobre 2018",
      "url": "https://support.f5.com/csp/article/K34652116"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 F5 K28003839 du 31 octobre 2018",
      "url": "https://support.f5.com/csp/article/K28003839"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 F5 K01067037 du 31 octobre 2018",
      "url": "https://support.f5.com/csp/article/K01067037"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 F5 K16248201 du 31 octobre 2018",
      "url": "https://support.f5.com/csp/article/K16248201"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 F5 K43625118 du 31 octobre 2018",
      "url": "https://support.f5.com/csp/article/K43625118"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 F5 K77313277 du 31 octobre 2018",
      "url": "https://support.f5.com/csp/article/K77313277"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 F5 K60104355 du 01 novembre 2018",
      "url": "https://support.f5.com/csp/article/K60104355"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 F5 K72442354 du 31 octobre 2018",
      "url": "https://support.f5.com/csp/article/K72442354"
    }
  ]
}

CERTFR-2017-AVI-287

Vulnerability from certfr_avis

De multiples vulnérabilités ont été corrigées dans le noyau Linux de RedHat. Elles permettent à un attaquant de provoquer un déni de service à distance et une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité RedHat RHSA-2017:2669 du 06 septembre 2017	None	vendor-advisory
Bulletin de sécurité RedHat RHSA-2017:2669 du 06 septembre 2017	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003e\u003c/p\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-7097",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7097"
    },
    {
      "name": "CVE-2017-6951",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-6951"
    },
    {
      "name": "CVE-2016-9685",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9685"
    },
    {
      "name": "CVE-2017-5970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5970"
    },
    {
      "name": "CVE-2017-9074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9074"
    },
    {
      "name": "CVE-2017-9077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9077"
    },
    {
      "name": "CVE-2017-7533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7533"
    },
    {
      "name": "CVE-2017-9076",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9076"
    },
    {
      "name": "CVE-2017-2671",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2671"
    },
    {
      "name": "CVE-2016-9576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9576"
    },
    {
      "name": "CVE-2016-9806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9806"
    },
    {
      "name": "CVE-2016-7042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7042"
    },
    {
      "name": "CVE-2016-10088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-10088"
    },
    {
      "name": "CVE-2016-8645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-8645"
    },
    {
      "name": "CVE-2017-7187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7187"
    },
    {
      "name": "CVE-2017-7889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7889"
    },
    {
      "name": "CVE-2016-9604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9604"
    },
    {
      "name": "CVE-2017-8890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-8890"
    },
    {
      "name": "CVE-2017-9075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9075"
    },
    {
      "name": "CVE-2017-6001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-6001"
    },
    {
      "name": "CVE-2017-8797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-8797"
    },
    {
      "name": "CVE-2015-8839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8839"
    }
  ],
  "initial_release_date": "2017-09-07T00:00:00",
  "last_revision_date": "2017-09-07T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2017:2669 du 06 septembre    2017",
      "url": "https://access.redhat.com/errata/RHSA-2017:2669"
    }
  ],
  "reference": "CERTFR-2017-AVI-287",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2017-09-07T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux de RedHat\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer un d\u00e9ni de service \u00e0 distance et une \u00e9l\u00e9vation de\nprivil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de RedHat",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2017:2669 du 06 septembre 2017",
      "url": null
    }
  ]
}

CERTFR-2018-AVI-094

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu . Elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Ubuntu	Ubuntu	Ubuntu 16.04 LTS
Ubuntu	Ubuntu	Ubuntu 12.04 LTS
Ubuntu	Ubuntu	Ubuntu 14.04 LTS
Ubuntu	Ubuntu	Ubuntu 17.10

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu usn-3582-2 du 21 février 2018	None	vendor-advisory
Bulletin de sécurité Ubuntu usn-3580-1 du 21 février 2018	None	vendor-advisory
Bulletin de sécurité Ubuntu usn-3583-1 du 23 février 2018	None	vendor-advisory
Bulletin de sécurité Ubuntu usn-3582-1 du 21 février 2018	None	vendor-advisory
Bulletin de sécurité Ubuntu usn-3583-2 du 23 février 2018	None	vendor-advisory
Bulletin de sécurité Ubuntu usn-3581-2 du 21 février 2018	None	vendor-advisory
Bulletin de sécurité Ubuntu usn-3581-3 du 23 février 2018	None	vendor-advisory
Bulletin de sécurité Ubuntu usn-3581-1 du 21 février 2018	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 16.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 12.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 14.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 17.10",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2017-12190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12190"
    },
    {
      "name": "CVE-2017-12153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12153"
    },
    {
      "name": "CVE-2017-15274",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-15274"
    },
    {
      "name": "CVE-2017-0861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-0861"
    },
    {
      "name": "CVE-2017-16525",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-16525"
    },
    {
      "name": "CVE-2018-5344",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-5344"
    },
    {
      "name": "CVE-2015-8952",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8952"
    },
    {
      "name": "CVE-2017-14051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-14051"
    },
    {
      "name": "CVE-2017-0750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-0750"
    },
    {
      "name": "CVE-2017-17806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-17806"
    },
    {
      "name": "CVE-2017-1000407",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000407"
    },
    {
      "name": "CVE-2018-5333",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-5333"
    },
    {
      "name": "CVE-2017-15115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-15115"
    },
    {
      "name": "CVE-2017-14489",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-14489"
    },
    {
      "name": "CVE-2017-5754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5754"
    },
    {
      "name": "CVE-2017-17712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-17712"
    },
    {
      "name": "CVE-2017-5753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5753"
    },
    {
      "name": "CVE-2017-17450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-17450"
    },
    {
      "name": "CVE-2017-15868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-15868"
    },
    {
      "name": "CVE-2017-7542",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7542"
    },
    {
      "name": "CVE-2017-14140",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-14140"
    },
    {
      "name": "CVE-2017-5715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5715"
    },
    {
      "name": "CVE-2017-7889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7889"
    },
    {
      "name": "CVE-2017-18017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-18017"
    },
    {
      "name": "CVE-2017-8824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-8824"
    },
    {
      "name": "CVE-2017-14156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-14156"
    },
    {
      "name": "CVE-2017-15102",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-15102"
    },
    {
      "name": "CVE-2017-5669",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5669"
    },
    {
      "name": "CVE-2017-12192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12192"
    }
  ],
  "initial_release_date": "2018-02-22T00:00:00",
  "last_revision_date": "2018-02-23T00:00:00",
  "links": [],
  "reference": "CERTFR-2018-AVI-094",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2018-02-22T00:00:00.000000"
    },
    {
      "description": "Ajout des avis de s\u00e9curit\u00e9 Ubuntu du 23 f\u00e9vrier 2018",
      "revision_date": "2018-02-23T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux\nd\u0027Ubuntu . Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire, un d\u00e9ni de service et une atteinte \u00e0 la confidentialit\u00e9\ndes donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3582-2 du 21 f\u00e9vrier 2018",
      "url": "https://usn.ubuntu.com/usn/usn-3582-2/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3580-1 du 21 f\u00e9vrier 2018",
      "url": "https://usn.ubuntu.com/usn/usn-3580-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3583-1 du 23 f\u00e9vrier 2018",
      "url": "https://usn.ubuntu.com/usn/usn-3583-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3582-1 du 21 f\u00e9vrier 2018",
      "url": "https://usn.ubuntu.com/usn/usn-3582-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3583-2 du 23 f\u00e9vrier 2018",
      "url": "https://usn.ubuntu.com/usn/usn-3583-2/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3581-2 du 21 f\u00e9vrier 2018",
      "url": "https://usn.ubuntu.com/usn/usn-3581-2/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3581-3 du 23 f\u00e9vrier 2018",
      "url": "https://usn.ubuntu.com/usn/usn-3581-3/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3581-1 du 21 f\u00e9vrier 2018",
      "url": "https://usn.ubuntu.com/usn/usn-3581-1/"
    }
  ]
}

CERTFR-2017-AVI-169

Vulnerability from certfr_avis

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Ubuntu	Ubuntu	Ubuntu 16.04 LTS
Ubuntu	Ubuntu	Ubuntu 17.04
Ubuntu	Ubuntu	Ubuntu 16.10
Ubuntu	Ubuntu	Ubuntu 14.04 LTS

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-3313-1 du 06 juin 2017	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-3312-2 du 06 juin 2017	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-3313-2 du 07 juin 2017	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-3314-1 du 07 juin 2017	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-3312-1 du 06 juin 2017	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 16.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 17.04",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 16.10",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 14.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2017-8064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-8064"
    },
    {
      "name": "CVE-2017-7618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7618"
    },
    {
      "name": "CVE-2017-7472",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7472"
    },
    {
      "name": "CVE-2016-7917",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7917"
    },
    {
      "name": "CVE-2016-7913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7913"
    },
    {
      "name": "CVE-2017-7895",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7895"
    },
    {
      "name": "CVE-2017-0605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-0605"
    },
    {
      "name": "CVE-2017-7645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7645"
    },
    {
      "name": "CVE-2017-8067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-8067"
    },
    {
      "name": "CVE-2017-7979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7979"
    },
    {
      "name": "CVE-2017-8063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-8063"
    },
    {
      "name": "CVE-2016-9083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9083"
    },
    {
      "name": "CVE-2017-2671",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2671"
    },
    {
      "name": "CVE-2017-2596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2596"
    },
    {
      "name": "CVE-2017-7889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7889"
    },
    {
      "name": "CVE-2017-7277",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7277"
    },
    {
      "name": "CVE-2016-9604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9604"
    },
    {
      "name": "CVE-2017-6001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-6001"
    },
    {
      "name": "CVE-2016-9084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9084"
    },
    {
      "name": "CVE-2016-8632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-8632"
    }
  ],
  "initial_release_date": "2017-06-07T00:00:00",
  "last_revision_date": "2017-06-07T00:00:00",
  "links": [],
  "reference": "CERTFR-2017-AVI-169",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2017-06-07T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux d\u0027Ubuntu\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une ex\u00e9cution de code arbitraire et un d\u00e9ni de service \u00e0\ndistance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3313-1 du 06 juin 2017",
      "url": "https://www.ubuntu.com/usn/usn-3313-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3312-2 du 06 juin 2017",
      "url": "https://www.ubuntu.com/usn/usn-3312-2/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3313-2 du 07 juin 2017",
      "url": "https://www.ubuntu.com/usn/usn-3313-2/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3314-1 du 07 juin 2017",
      "url": "https://www.ubuntu.com/usn/usn-3314-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3312-1 du 06 juin 2017",
      "url": "https://www.ubuntu.com/usn/usn-3312-1/"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2017-7889 (GCVE-0-2017-7889)

Vulnerability from cvelistv5

CERTFR-2017-AVI-233

Vulnerability from certfr_avis

Solution

CERTFR-2017-AVI-383

Vulnerability from certfr_avis

Solution

CERTFR-2017-AVI-390

Vulnerability from certfr_avis

Solution

CERTFR-2018-AVI-525

Vulnerability from certfr_avis

Solution

CERTFR-2017-AVI-287

Vulnerability from certfr_avis

Solution

CERTFR-2018-AVI-094

Vulnerability from certfr_avis

Solution

CERTFR-2017-AVI-169

Vulnerability from certfr_avis

Solution

Tags

Sightings

Nomenclature