The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date | Fixed Release |
---|---|---|---|---|
CVE-2017-11335 | There is a heap based buffer overflow in tools/tiff2pdf.c of LibTIFF 4.0.8 via a PlanarConfig=Contig image, which causes a more than one hundred bytes out-of-bounds write (related to the ZIPDecode function in tif_zip.c). A crafted input may lead to a remote denial of service attack or an arbitrary code execution attack. | Medium | Jul 20, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-11368 | In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion failure by sending invalid S4U2Self or S4U2Proxy requests. | MEDIUM | Aug 9, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-11613 | In LibTIFF 4.0.8, there is a denial of service vulnerability in the TIFFOpen function. A crafted input will lead to a denial of service attack. During the TIFFOpen process, td_imagelength is not checked. The value of td_imagelength can be directly controlled by an input file. In the ChopUpSingleUncompressedStrip function, the _TIFFCheckMalloc function is called based on td_imagelength. If we set the value of td_imagelength close to the amount of system memory, it will hang the system or trigger the OOM killer. | MEDIUM | Jul 26, 2017 | 10.17.41.11 (Wind River Linux LTS 17) |
CVE-2017-11714 | psi/ztoken.c in Artifex Ghostscript 9.21 mishandles references to the scanner state structure, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PostScript document, related to an out-of-bounds read in the igc_reloc_struct_ptr function in psi/igc.c. | Medium | Aug 4, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12150 | It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce SMB signing when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text. | MEDIUM | Nov 8, 2017 | 10.17.41.4 (Wind River Linux LTS 17) |
CVE-2017-12151 | A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the connection via a man-in-the-middle attack. | MEDIUM | Nov 8, 2017 | 10.17.41.4 (Wind River Linux LTS 17) |
CVE-2017-12153 | A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash. | MEDIUM | Sep 21, 2017 | 10.17.41.2 (Wind River Linux LTS 17) |
CVE-2017-12154 | The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the CR8-load exiting and CR8-store exiting L0 vmcs02 controls exist in cases where L1 omits the use TPR shadow vmcs12 control, which allows KVM L2 guest OS users to obtain read and write access to the hardware CR8 register. | LOW | Sep 26, 2017 | 10.17.41.2 (Wind River Linux LTS 17) |
CVE-2017-12163 | An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker. | MEDIUM | Nov 8, 2017 | 10.17.41.4 (Wind River Linux LTS 17) |
CVE-2017-12172 | PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, 9.3.x before 9.3.20, and 9.2.x before 9.2.24 runs under a non-root operating system account, and database superusers have effective ability to run arbitrary code under that system account. PostgreSQL provides a script for starting the database server during system boot. Packages of PostgreSQL for many operating systems provide their own, packager-authored startup implementations. Several implementations use a log file name that the database superuser can replace with a symbolic link. As root, they open(), chmod() and/or chown() this log file name. This often suffices for the database superuser to escalate to root privileges when root starts the server. | HIGH | Nov 22, 2017 | 10.17.41.4 (Wind River Linux LTS 17) |
CVE-2017-12176 | xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | HIGH | Jan 24, 2018 | 10.17.41.4 (Wind River Linux LTS 17) |
CVE-2017-12177 | xorg-x11-server before 1.19.5 was vulnerable to integer overflow in ProcDbeGetVisualInfo function allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | HIGH | Jan 24, 2018 | 10.17.41.4 (Wind River Linux LTS 17) |
CVE-2017-12178 | xorg-x11-server before 1.19.5 had wrong extra length check in ProcXIChangeHierarchy function allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | HIGH | Jan 24, 2018 | 10.17.41.4 (Wind River Linux LTS 17) |
CVE-2017-12179 | xorg-x11-server before 1.19.5 was vulnerable to integer overflow in (S)ProcXIBarrierReleasePointer functions allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | HIGH | Jan 24, 2018 | 10.17.41.4 (Wind River Linux LTS 17) |
CVE-2017-12180 | xorg-x11-server before 1.19.5 was missing length validation in XFree86 VidModeExtension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | HIGH | Jan 24, 2018 | 10.17.41.4 (Wind River Linux LTS 17) |
CVE-2017-12181 | xorg-x11-server before 1.19.5 was missing length validation in XFree86 DGA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | HIGH | Jan 24, 2018 | 10.17.41.4 (Wind River Linux LTS 17) |
CVE-2017-12182 | xorg-x11-server before 1.19.5 was missing length validation in XFree86 DRI extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | HIGH | Jan 24, 2018 | 10.17.41.4 (Wind River Linux LTS 17) |
CVE-2017-12183 | xorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | HIGH | Jan 24, 2018 | 10.17.41.4 (Wind River Linux LTS 17) |
CVE-2017-12184 | xorg-x11-server before 1.19.5 was missing length validation in XINERAMA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | HIGH | Jan 24, 2018 | 10.17.41.4 (Wind River Linux LTS 17) |
CVE-2017-12185 | xorg-x11-server before 1.19.5 was missing length validation in MIT-SCREEN-SAVER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | HIGH | Jan 24, 2018 | 10.17.41.4 (Wind River Linux LTS 17) |
CVE-2017-12186 | xorg-x11-server before 1.19.5 was missing length validation in X-Resource extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | HIGH | Jan 24, 2018 | 10.17.41.4 (Wind River Linux LTS 17) |
CVE-2017-12187 | xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | HIGH | Jan 24, 2018 | 10.17.41.4 (Wind River Linux LTS 17) |
CVE-2017-12188 | arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested virtualisation is used, does not properly traverse guest pagetable entries to resolve a guest virtual address, which allows L1 guest OS users to execute arbitrary code on the host OS or cause a denial of service (incorrect index during page walking, and host OS crash), aka an MMU potential stack buffer overrun. | MEDIUM | Oct 11, 2017 | 10.17.41.2 (Wind River Linux LTS 17) |
CVE-2017-12190 | The bio_map_user_iov and bio_unmap_user functions in block/bio.c in the Linux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bio_add_pc_page function merges them into one, but the page reference is never dropped. This causes a memory leak and possible system lockup (exploitable against the host OS by a guest OS user, if a SCSI disk is passed through to a virtual machine) due to an out-of-memory condition. | MEDIUM | Nov 22, 2017 | 10.17.41.5 (Wind River Linux LTS 17) |
CVE-2017-12192 | A vulnerability was found in the Key Management sub component of the Linux kernel, where when trying to issue a KEYTCL_READ on negative key would lead to a NULL pointer dereference. A local attacker could use this flaw to crash the kernel. | MEDIUM | Oct 11, 2017 | 10.17.41.2 (Wind River Linux LTS 17) |
CVE-2017-12193 | The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.13.11 mishandles node splitting, which allows local users to cause a denial of service (NULL pointer dereference and panic) via a crafted application, as demonstrated by the keyring key type, and key addition and link creation operations. | MEDIUM | Nov 22, 2017 | 10.17.41.5 (Wind River Linux LTS 17) |
CVE-2017-12424 | In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes (with a buffer overflow or other memory corruption) or other unspecified behaviors. This crosses a privilege boundary in, for example, certain web-hosting environments in which a Control Panel allows an unprivileged user account to create subaccounts. | HIGH | Aug 4, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12448 | The bfd_cache_close function in bfd/cache.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a heap use after free and possibly achieve code execution via a crafted nested archive file. This issue occurs because incorrect functions are called during an attempt to release memory. The issue can be addressed by better input validation in the bfd_generic_archive_p function in bfd/archive.c. | Medium | Aug 7, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-12449 | The _bfd_vms_save_sized_string function in vms-misc.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms file. | Medium | Aug 7, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-12450 | The alpha_vms_object_p function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted vms alpha file. | Medium | Aug 7, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-12451 | The _bfd_xcoff_read_ar_hdr function in bfd/coff-rs6000.c and bfd/coff64-rs6000.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds stack read via a crafted COFF image file. | Medium | Aug 7, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-12452 | The bfd_mach_o_i386_canonicalize_one_reloc function in bfd/mach-o-i386.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted mach-o file. | Medium | Aug 7, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-12453 | The _bfd_vms_slurp_eeom function in libbfd.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file. | Medium | Aug 7, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-12454 | The _bfd_vms_slurp_egsd function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an arbitrary memory read via a crafted vms alpha file. | Medium | Aug 7, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-12455 | The evax_bfd_print_emh function in vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file. | Medium | Aug 7, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-12456 | The read_symbol_stabs_debugging_info function in rddbg.c in GNU Binutils 2.29 and earlier allows remote attackers to cause an out of bounds heap read via a crafted binary file. | Medium | Aug 7, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-12457 | The bfd_make_section_with_flags function in section.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a NULL dereference via a crafted file. | Medium | Aug 7, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-12458 | The nlm_swap_auxiliary_headers_in function in bfd/nlmcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted nlm file. | Medium | Aug 7, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-12459 | The bfd_mach_o_read_symtab_strtab function in bfd/mach-o.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted mach-o file. | Medium | Aug 7, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-12588 | The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as format strings, possibly allowing a format string attack with unspecified impact. | HIGH | Aug 6, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12597 | OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds write error in the function FillColorRow1 in utils.cpp when reading an image file by using cv::imread. | Medium | Aug 8, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12598 | OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds read error in the cv::RBaseStream::readBlock function in modules/imgcodecs/src/bitstrm.cpp when reading an image file by using cv::imread, as demonstrated by the 8-opencv-invalid-read-fread test case. | Medium | Aug 8, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12600 | OpenCV (Open Source Computer Vision Library) through 3.3 has a denial of service (CPU consumption) issue, as demonstrated by the 11-opencv-dos-cpu-exhaust test case. | High | Aug 7, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12601 | OpenCV (Open Source Computer Vision Library) through 3.3 has a buffer overflow in the cv::BmpDecoder::readData function in modules/imgcodecs/src/grfmt_bmp.cpp when reading an image file by using cv::imread, as demonstrated by the 4-buf-overflow-readData-memcpy test case. | Medium | Aug 7, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12602 | OpenCV (Open Source Computer Vision Library) through 3.3 has a denial of service (memory consumption) issue, as demonstrated by the 10-opencv-dos-memory-exhaust test case. | High | Aug 7, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12603 | OpenCV (Open Source Computer Vision Library) through 3.3 has an invalid write in the cv::RLByteStream::getBytes function in modules/imgcodecs/src/bitstrm.cpp when reading an image file by using cv::imread, as demonstrated by the 2-opencv-heapoverflow-fseek test case. | Medium | Aug 7, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12604 | OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds write error in the FillUniColor function in utils.cpp when reading an image file by using cv::imread. | Medium | Aug 7, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12605 | OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds write error in the FillColorRow8 function in utils.cpp when reading an image file by using cv::imread. | Medium | Aug 7, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12606 | OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds write error in the function FillColorRow4 in utils.cpp when reading an image file by using cv::imread. | Medium | Aug 7, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12652 | libpng before 1.6.32 does not properly check the length of chunks against the user limit. | HIGH | Jul 10, 2019 | 10.17.41.17 (Wind River Linux LTS 17) |