The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date | Fixed Release |
---|---|---|---|---|
CVE-2017-12173 | It was found that sssd\'s sysdb_search_user_by_upn_res() function before 1.16.0 did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use this flaw to retrieve it. | MEDIUM | Jul 28, 2018 | 10.18.44.15 (Wind River Linux LTS 18) |
CVE-2017-12678 | In TagLib 1.11.1, the rebuildAggregateFrames function in id3v2framefactory.cpp has a pointer to cast vulnerability, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted audio file. | MEDIUM | Aug 7, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-13077 | Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the pairwise key in the four-way handshake. | MEDIUM | Oct 16, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-13078 | Wi-Fi Protected Access (WPA and WPA2) allowsreinstallation of the group key in the Four-way handshake. | LOW | Oct 16, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-13079 | Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the integrity group key in the Four-way handshake. | LOW | Oct 16, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-13080 | Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the group key in the Group Key handshake. | LOW | Oct 16, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-13081 | Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the integrity group key in the Group Key handshake. | LOW | Oct 16, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-13082 | Wi-Fi Protected Access (WPA and WPA2) accepting a retransmitted Fast BSS Transition Reassociation Request and reinstalling the pairwise key while processing it. | MEDIUM | Oct 16, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-13086 | Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake. | MEDIUM | Oct 16, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-13087 | Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame. | LOW | Oct 16, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-13088 | Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame. | LOW | Oct 16, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-13720 | In the PatternMatch function in fontfile/fontdir.c in libXfont through 1.5.2 and 2.x before 2.0.2, an attacker with access to an X connection can cause a buffer over-read during pattern matching of fonts, leading to information disclosure or a crash (denial of service). This occurs because \'\\0\' characters are incorrectly skipped in situations involving ? characters. | LOW | Oct 11, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-13721 | In X.Org Server (aka xserver and xorg-server) before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session. | LOW | Oct 9, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-13722 | In the pcfGetProperties function in bitmap/pcfread.c in libXfont through 1.5.2 and 2.x before 2.0.2, a missing boundary check (for PCF files) could be used by local attackers authenticated to an Xserver for a buffer over-read, for information disclosure or a crash of the X server. | LOW | Oct 11, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-13723 | In X.Org Server (aka xserver and xorg-server) before 1.19.4, a local attacker authenticated to the X server could overflow a global buffer, causing crashes of the X server or potentially other problems by injecting large or malformed XKB related atoms and accessing them via xkbcomp. | MEDIUM | Oct 9, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-13726 | There is a reachable assertion abort in the function TIFFWriteDirectorySec() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. A crafted input will lead to a remote denial of service attack. | Medium | Aug 31, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-13727 | There is a reachable assertion abort in the function TIFFWriteDirectoryTagSubifd() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. A crafted input will lead to a remote denial of service attack. | Medium | Aug 31, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-14166 | libarchive 3.3.2 allows remote attackers to cause a denial of service (xml_data heap-based buffer over-read and application crash) via a crafted xar archive, related to the mishandling of empty strings in the atol8 function in archive_read_support_format_xar.c. | Medium | Sep 8, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-14502 | read_header in archive_read_support_format_rar.c in libarchive 3.3.2 suffers from an off-by-one error for UTF-16 names in RAR archives, leading to an out-of-bounds read in archive_read_format_rar_read_header. | Medium | Sep 20, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-14632 | Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184. | HIGH | Sep 21, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-14633 | In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the function mapping0_forward() in mapping0.c, which may lead to DoS when operating on a crafted audio file with vorbis_analysis(). | MEDIUM | Sep 21, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-14634 | In libsndfile 1.0.28, a divide-by-zero error exists in the function double64_init() in double64.c, which may lead to DoS when playing a crafted audio file. | MEDIUM | Sep 21, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-15038 | Race condition in the v9fs_xattrwalk function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS users to obtain sensitive information from host heap memory via vectors related to reading extended attributes. | LOW | Oct 9, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-15124 | VNC server implementation in Quick Emulator (QEMU) 2.11.0 and older was found to be vulnerable to an unbounded memory allocation issue, as it did not throttle the framebuffer updates sent to its client. If the client did not consume these updates, VNC server allocates growing memory to hold onto this data. A malicious remote VNC client could use this flaw to cause DoS to the server host. | HIGH | Jan 9, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-15268 | Qemu through 2.10.0 allows remote attackers to cause a memory leak by triggering slow data-channel read operations, related to io/channel-websock.c. | MEDIUM | Oct 12, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-15289 | The mode4and5 write functions in hw/display/cirrus_vga.c in Qemu allow local OS guest privileged users to cause a denial of service (out-of-bounds write access and Qemu process crash) via vectors related to dst calculation. | Low | Oct 24, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-15873 | The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access violation. | MEDIUM | Oct 24, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-16544 | In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks. | MEDIUM | Nov 20, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-16611 | In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files. | LOW | Dec 5, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-16803 | In Libav through 11.11 and 12.x through 12.1, the smacker_decode_tree function in libavcodec/smacker.c does not properly restrict tree recursion, which allows remote attackers to cause a denial of service (bitstream.c:build_table() out-of-bounds read and application crash) via a crafted Smacker stream. | MEDIUM | Nov 18, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-16808 | tcpdump 4.9.2 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c. | MEDIUM | Nov 15, 2017 | 10.18.44.15 (Wind River Linux LTS 18) |
CVE-2017-17095 | tools/pal2rgb.c in pal2rgb in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (TIFFSetupStrips heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file. | MEDIUM | Dec 2, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-17381 | The Virtio Vring implementation in QEMU allows local OS guest users to cause a denial of service (divide-by-zero error and QEMU process crash) by unsetting vring alignment while updating Virtio rings. | LOW | Dec 6, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-17456 | The function d2alaw_array() in alaw.c of libsndfile 1.0.29pre1 may lead to a remote DoS attack (SEGV on unknown address 0x000000000000), a different vulnerability than CVE-2017-14245. | MEDIUM | Dec 7, 2017 | 10.18.44.4 (Wind River Linux LTS 18) |
CVE-2017-17457 | The function d2ulaw_array() in ulaw.c of libsndfile 1.0.29pre1 may lead to a remote DoS attack (SEGV on unknown address 0x000000000000), a different vulnerability than CVE-2017-14246. | MEDIUM | Dec 7, 2017 | 10.18.44.4 (Wind River Linux LTS 18) |
CVE-2017-17810 | In Netwide Assembler (NASM) 2.14rc0, there is a SEGV on unknown address that will cause a remote denial of service attack, because asm/preproc.c mishandles macro calls that have the wrong number of arguments. | MEDIUM | Dec 20, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-17811 | In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer overflow that will cause a remote denial of service attack, related to a strcpy in paste_tokens in asm/preproc.c, a similar issue to CVE-2017-11111. | MEDIUM | Dec 20, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-17812 | In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read in the function detoken() in asm/preproc.c that will cause a remote denial of service attack. | MEDIUM | Dec 20, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-17813 | In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in the pp_list_one_macro function in asm/preproc.c that will cause a remote denial of service attack, related to mishandling of line-syntax errors. | MEDIUM | Dec 20, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-17814 | In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in do_directive in asm/preproc.c that will cause a remote denial of service attack. | MEDIUM | Dec 20, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-17815 | In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in is_mmacro() in asm/preproc.c that will cause a remote denial of service attack, because of a missing check for the relationship between minimum and maximum parameter counts. | MEDIUM | Dec 20, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-17816 | In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_getline in asm/preproc.c that will cause a remote denial of service attack. | MEDIUM | Dec 20, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-17817 | In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_verror in asm/preproc.c that will cause a remote denial of service attack. | MEDIUM | Dec 20, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-17818 | In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read that will cause a remote denial of service attack, related to a while loop in paste_tokens in asm/preproc.c. | MEDIUM | Dec 20, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-17819 | In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in the function find_cc() in asm/preproc.c that will cause a remote denial of service attack, because pointers associated with skip_white_ calls are not validated. | MEDIUM | Dec 20, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-17820 | In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_list_one_macro in asm/preproc.c that will lead to a remote denial of service attack, related to mishandling of operand-type errors. | MEDIUM | Dec 20, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-17821 | WTF/wtf/FastBitVector.h in WebKit, as distributed in Safari Technology Preview Release 46, allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact because it calls the FastBitVectorWordOwner::resizeSlow function (in WTF/wtf/FastBitVector.cpp) for a purpose other than initializing a bitvector size, and resizeSlow mishandles cases where the old array length is greater than the new array length. | HIGH | Dec 20, 2017 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-18013 | In LibTIFF 4.0.9, there is a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash. | MEDIUM | Jan 3, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-18043 | Integer overflow in the macro ROUND_UP (n, d) in Quick Emulator (Qemu) allows a user to cause a denial of service (Qemu process crash). | Low | Feb 21, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-18207 | ** DISPUTED ** The Wave_read._read_fmt_chunk function in Lib/wave.py in Python through 3.6.4 does not ensure a nonzero channel value, which allows attackers to cause a denial of service (divide-by-zero and exception) via a crafted wav format audio file. NOTE: the vendor disputes this issue because Python applications need to be prepared to handle a wide variety of exceptions. | MEDIUM | Mar 23, 2018 | 10.18.44.14 (Wind River Linux LTS 18) |