Wind River Support Network

HomeCVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

Reset
Showing
of 2474 entries
IDDescriptionPriorityModified dateFixed Release
CVE-2017-18204 The ocfs2_setattr function in fs/ocfs2/file.c in the Linux kernel before 4.14.2 allows local users to cause a denial of service (deadlock) via DIO requests. LOW Mar 1, 2018 10.17.41.6 (Wind River Linux LTS 17)
CVE-2017-18216 In fs/ocfs2/cluster/nodemanager.c in the Linux kernel before 4.15, local users can cause a denial of service (NULL pointer dereference and BUG) because a required mutex is not used. LOW Mar 8, 2018 10.17.41.7 (Wind River Linux LTS 17)
CVE-2017-18224 In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field. LOW Mar 11, 2018 10.17.41.7 (Wind River Linux LTS 17)
CVE-2017-18232 The Serial Attached SCSI (SAS) implementation in the Linux kernel through 4.15.9 mishandles a mutex within libsas, which allows local users to cause a denial of service (deadlock) by triggering certain error-handling code. LOW Mar 15, 2018 10.17.41.8 (Wind River Linux LTS 17)
CVE-2018-1050 All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash. LOW Mar 13, 2018 10.17.41.7 (Wind River Linux LTS 17)
CVE-2018-7755 An issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver will copy a kernel pointer to user memory in response to the FDGETPRM ioctl. An attacker can send the FDGETPRM ioctl and use the obtained kernel pointer to discover the location of kernel code and data and bypass kernel security protections such as KASLR. LOW Mar 8, 2018 10.17.41.8 (Wind River Linux LTS 17)
CVE-2018-7757 Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy directory, as demonstrated by the /sys/class/sas_phy/phy-1:0:12/invalid_dword_count file. LOW Mar 8, 2018 10.17.41.7 (Wind River Linux LTS 17)
CVE-2018-8043 The unimac_mdio_probe function in drivers/net/phy/mdio-bcm-unimac.c in the Linux kernel through 4.15.8 does not validate certain resource availability, which allows local users to cause a denial of service (NULL pointer dereference). LOW Mar 10, 2018 10.17.41.8 (Wind River Linux LTS 17)
CVE-2017-16911 The vhci_hcd driver in the Linux Kernel before version 4.14.8 and 4.4.114 allows allows local attackers to disclose kernel memory addresses. Successful exploitation requires that a USB device is attached over IP. Low Feb 16, 2018 10.17.41.7 (Wind River Linux LTS 17)
CVE-2017-18043 Integer overflow in the macro ROUND_UP (n, d) in Quick Emulator (Qemu) allows a user to cause a denial of service (Qemu process crash). Low Feb 21, 2018 10.17.41.5 (Wind River Linux LTS 17)
CVE-2018-1053 In postgresql 9.3.x before 9.3.21, 9.4.x before 9.4.16, 9.5.x before 9.5.11, 9.6.x before 9.6.7 and 10.x before 10.2, pg_upgrade creates file in current working directory containing the output of `pg_dumpall -g` under umask which was in effect when the user invoked pg_upgrade, and not under 0077 which is normally used for other temporary files. This can allow an authenticated attacker to read or modify the one file, which may contain encrypted or unencrypted database passwords. The attack is infeasible if a directory mode blocks the attacker searching the current working directory or if the prevailing umask blocks the attacker opening the file. LOW Feb 14, 2018 10.17.41.5 (Wind River Linux LTS 17)
CVE-2018-7170 ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim\'s clock via a Sybil attack. This issue exists because of an incomplete fix for CVE-2016-1549. Low Feb 27, 2018 10.17.41.7 (Wind River Linux LTS 17)
CVE-2018-7260 Cross-site scripting (XSS) vulnerability in db_central_columns.php in phpMyAdmin before 4.7.8 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. LOW Feb 22, 2018 10.17.41.5 (Wind River Linux LTS 17)
CVE-2018-5750 The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel through 4.14.15 allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call. LOW Jan 26, 2018 10.17.41.7 (Wind River Linux LTS 17)
CVE-2018-5683 The vga_draw_text function in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation. LOW Jan 23, 2018 10.17.41.4 (Wind River Linux LTS 17)
CVE-2017-18018 In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX -R -L options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition. LOW Jan 3, 2018 10.17.41.15 (Wind River Linux LTS 17)
CVE-2017-17741 The KVM implementation in the Linux kernel through 4.14.7 allows attackers to cause a denial of service (write_mmio stack-based out-of-bounds read) or possibly have unspecified other impact, related to arch/x86/kvm/x86.c and include/trace/events/kvm.h. LOW Dec 18, 2017 10.17.41.7 (Wind River Linux LTS 17)
CVE-2017-17807 The KEYS subsystem in the Linux kernel before 4.14.6 omitted an access-control check when adding a key to the current task\'s default request-key keyring via the request_key() system call, allowing a local user to use a sequence of crafted system calls to add keys to a keyring with only Search permission (not Write permission) to that keyring, related to construct_get_dest_keyring() in security/keys/request_key.c. LOW Dec 20, 2017 10.17.41.7 (Wind River Linux LTS 17)
CVE-2017-17864 kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allows local users to obtain potentially sensitive address information, aka a pointer leak. LOW Dec 27, 2017 10.17.41.4 (Wind River Linux LTS 17)
CVE-2017-16611 In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files. LOW Dec 5, 2017 10.17.41.3 (Wind River Linux LTS 17)
CVE-2017-17087 fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor\'s primary group (which may be different from the group ownership of the original file), which allows local users to obtain sensitive information by leveraging an applicable group membership, as demonstrated by /etc/shadow owned by root:shadow mode 0640, but /etc/.shadow.swp owned by root:users mode 0640, a different vulnerability than CVE-2017-1000382. LOW Dec 1, 2017 10.17.41.3 (Wind River Linux LTS 17)
CVE-2017-17381 The Virtio Vring implementation in QEMU allows local OS guest users to cause a denial of service (divide-by-zero error and QEMU process crash) by unsetting vring alignment while updating Virtio rings. LOW Dec 6, 2017 10.17.41.4 (Wind River Linux LTS 17)
CVE-2017-17449 The __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in the Linux kernel through 4.14.4, when CONFIG_NLMON is enabled, does not restrict observations of Netlink messages to a single net namespace, which allows local users to obtain sensitive information by leveraging the CAP_NET_ADMIN capability to sniff an nlmon interface for all Netlink activity on the system. LOW Dec 6, 2017 10.17.41.4 (Wind River Linux LTS 17)
CVE-2017-16994 The walk_hugetlb_range function in mm/pagewalk.c in the Linux kernel before 4.14.2 mishandles holes in hugetlb ranges, which allows local users to obtain sensitive information from uninitialized kernel memory via crafted use of the mincore() system call. LOW Nov 27, 2017 10.17.41.5 (Wind River Linux LTS 17)
CVE-2017-15289 The mode4and5 write functions in hw/display/cirrus_vga.c in Qemu allow local OS guest privileged users to cause a denial of service (out-of-bounds write access and Qemu process crash) via vectors related to dst calculation. Low Oct 24, 2017 10.17.41.5 (Wind River Linux LTS 17)
CVE-2017-13078 Wi-Fi Protected Access (WPA and WPA2) allowsreinstallation of the group key in the Four-way handshake. LOW Oct 16, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2017-13079 Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the integrity group key in the Four-way handshake. LOW Oct 16, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2017-13080 Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the group key in the Group Key handshake. LOW Oct 16, 2017 10.17.41.25 (Wind River Linux LTS 17)
CVE-2017-13081 Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the integrity group key in the Group Key handshake. LOW Oct 16, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2017-13087 Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame. LOW Oct 16, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2017-13088 Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame. LOW Oct 16, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2017-13720 In the PatternMatch function in fontfile/fontdir.c in libXfont through 1.5.2 and 2.x before 2.0.2, an attacker with access to an X connection can cause a buffer over-read during pattern matching of fonts, leading to information disclosure or a crash (denial of service). This occurs because \'\\0\' characters are incorrectly skipped in situations involving ? characters. LOW Oct 11, 2017 10.17.41.5 (Wind River Linux LTS 17)
CVE-2017-13721 In X.Org Server (aka xserver and xorg-server) before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session. LOW Oct 9, 2017 10.17.41.5 (Wind River Linux LTS 17)
CVE-2017-13722 In the pcfGetProperties function in bitmap/pcfread.c in libXfont through 1.5.2 and 2.x before 2.0.2, a missing boundary check (for PCF files) could be used by local attackers authenticated to an Xserver for a buffer over-read, for information disclosure or a crash of the X server. LOW Oct 11, 2017 10.17.41.5 (Wind River Linux LTS 17)
CVE-2017-14991 The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel before 4.13.4 allows local users to obtain sensitive information from uninitialized kernel heap-memory locations via an SG_GET_REQUEST_TABLE ioctl call for /dev/sg0. LOW Oct 7, 2017 10.17.41.2 (Wind River Linux LTS 17)
CVE-2017-15038 Race condition in the v9fs_xattrwalk function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS users to obtain sensitive information from host heap memory via vectors related to reading extended attributes. LOW Oct 9, 2017 10.17.41.5 (Wind River Linux LTS 17)
CVE-2017-1000252 The KVM subsystem in the Linux kernel through 4.13.3 allows guest OS users to cause a denial of service (assertion failure, and hypervisor hang or crash) via an out-of bounds guest_irq value, related to arch/x86/kvm/vmx.c and virt/kvm/eventfd.c. LOW Sep 26, 2017 10.17.41.2 (Wind River Linux LTS 17)
CVE-2017-12154 The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the CR8-load exiting and CR8-store exiting L0 vmcs02 controls exist in cases where L1 omits the use TPR shadow vmcs12 control, which allows KVM L2 guest OS users to obtain read and write access to the hardware CR8 register. LOW Sep 26, 2017 10.17.41.2 (Wind River Linux LTS 17)
CVE-2017-1000250 All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the processing of SDP search attribute requests. LOW Sep 12, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2017-13672 QEMU (aka Quick Emulator), when built with the VGA display emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors involving display update. Low Sep 5, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2014-9913 Buffer overflow in the list_files function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via vectors related to the compression method. Low Jan 20, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2016-9844 Buffer overflow in the zi_short function in zipinfo.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via a large compression method value in the central directory file header. LOW Jan 20, 2017 10.17.41.1 (Wind River Linux LTS 17)
CVE-2022-34265 An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected. HIGH Jul 5, 2022 10.17.41.27 (Wind River Linux LTS 17)
CVE-2022-34835 In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the i2c md command enables the corruption of the return address pointer of the do_i2c_md function. HIGH Jun 30, 2022 10.17.41.27 (Wind River Linux LTS 17)
CVE-2022-2068 In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze). HIGH Jun 21, 2022 10.17.41.27 (Wind River Linux LTS 17)
CVE-2022-31813 Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application. HIGH Jun 9, 2022 10.17.41.27 (Wind River Linux LTS 17)
CVE-2022-30790 Das U-Boot 2022.01 has a Buffer Overflow, a different issue than CVE-2022-30552. HIGH Jun 8, 2022 10.17.41.27 (Wind River Linux LTS 17)
CVE-2022-1966 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-32250. Reason: This candidate is a duplicate of CVE-2022-32250. Notes: All CVE users should reference CVE-2022-32250 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. HIGH Jun 4, 2022 10.17.41.27 (Wind River Linux LTS 17)
CVE-2022-26691 A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges. HIGH May 27, 2022 10.17.41.27 (Wind River Linux LTS 17)
CVE-2022-1664 Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction can lead to directory traversal situations on specially crafted orig.tar and debian.tar tarballs. HIGH May 26, 2022 10.17.41.27 (Wind River Linux LTS 17)
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version. Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.
Live chat
Online