CVE-2017-1000363

HIGH

Description

Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a 'secure boot' kernel command line adversary (can happen due to bootloader vulns, e.g. Google Nexus 6's CVE-2016-10277, where due to a vulnerability the adversary has partial control over the command line) can overflow the parport_nr array in the following code, by appending many (>LP_NO) 'lp=none' arguments to the command line.

References

http://www.debian.org/security/2017/dsa-3945

http://www.securityfocus.com/bid/98651

https://alephsecurity.com/vulns/aleph-2017023

Details

Source: MITRE

Published: 2017-07-17

Updated: 2018-10-30

Type: CWE-787

Risk Information

CVSS v2.0

Base Score: 7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 3.9

Severity: HIGH

CVSS v3.0

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1.8

Severity: HIGH

Tenable Plugins

View all (41 total)

IDNameProductFamilySeverity
124837EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1516)NessusHuawei Local Security Checks
critical
121997Photon OS 2.0: Linux PHSA-2018-2.0-0101NessusPhotonOS Local Security Checks
high
119423Photon OS 2.0: Linux PHSA-2018-2.0-0101 (deprecated)NessusPhotonOS Local Security Checks
high
106469OracleVM 3.4 : Unbreakable / etc (OVMSA-2018-0015) (BlueBorne) (Meltdown) (Spectre) (Stack Clash)NessusOracleVM Local Security Checks
critical
105248OracleVM 3.4 : Unbreakable / etc (OVMSA-2017-0174) (BlueBorne) (Dirty COW) (Stack Clash)NessusOracleVM Local Security Checks
high
105247Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3659) (BlueBorne) (Dirty COW) (Stack Clash)NessusOracle Linux Local Security Checks
high
105147OracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0173) (BlueBorne) (Stack Clash)NessusOracleVM Local Security Checks
high
105145Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2017-3658) (BlueBorne) (Stack Clash)NessusOracle Linux Local Security Checks
high
105144Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3657) (BlueBorne) (Stack Clash)NessusOracle Linux Local Security Checks
high
104454OracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0168)NessusOracleVM Local Security Checks
high
104374SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2920-1) (KRACK) (Stack Clash)NessusSuSE Local Security Checks
critical
104371Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2017-3637)NessusOracle Linux Local Security Checks
high
104370Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3636)NessusOracle Linux Local Security Checks
high
104271SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2908-1) (KRACK) (Stack Clash)NessusSuSE Local Security Checks
critical
103363Debian DLA-1099-1 : linux security update (BlueBorne) (Stack Clash)NessusDebian Local Security Checks
high
103354SUSE SLES11 Security Update : kernel (SUSE-SU-2017:2525-1) (Stack Clash)NessusSuSE Local Security Checks
critical
103110SUSE SLES11 Security Update : kernel (SUSE-SU-2017:2389-1) (Stack Clash)NessusSuSE Local Security Checks
high
102774OracleVM 3.4 : Unbreakable / etc (OVMSA-2017-0145) (Stack Clash)NessusOracleVM Local Security Checks
critical
102773Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3609) (Stack Clash)NessusOracle Linux Local Security Checks
critical
102550Debian DSA-3945-1 : linux - security update (Stack Clash)NessusDebian Local Security Checks
high
102064OracleVM 3.4 : Unbreakable / etc (OVMSA-2017-0126) (Stack Clash)NessusOracleVM Local Security Checks
critical
102059Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3595) (Stack Clash)NessusOracle Linux Local Security Checks
critical
101156Ubuntu 17.04 : linux, linux-raspi2 vulnerabilities (USN-3345-1)NessusUbuntu Local Security Checks
high
101155Ubuntu 14.04 LTS : linux-lts-xenial vulnerabilities (USN-3344-2)NessusUbuntu Local Security Checks
high
101154Ubuntu 16.04 LTS : linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon vulnerabilities (USN-3344-1)NessusUbuntu Local Security Checks
high
101153Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-3343-2)NessusUbuntu Local Security Checks
critical
101152Ubuntu 14.04 LTS : linux vulnerabilities (USN-3343-1)NessusUbuntu Local Security Checks
high
101151Ubuntu 16.04 LTS : linux-hwe vulnerabilities (USN-3342-2)NessusUbuntu Local Security Checks
high
101150Ubuntu 16.10 : linux, linux-raspi2 vulnerabilities (USN-3342-1)NessusUbuntu Local Security Checks
high
100933Ubuntu 14.04 LTS : linux, linux-meta vulnerabilities (USN-3335-1) (Stack Clash)NessusUbuntu Local Security Checks
high
100932Ubuntu 14.04 LTS : linux-lts-xenial, linux-meta-lts-xenial vulnerabilities (USN-3334-1) (Stack Clash)NessusUbuntu Local Security Checks
high
100931Ubuntu 16.04 LTS : linux-hwe, linux-meta-hwe vulnerabilities (USN-3333-1) (Stack Clash)NessusUbuntu Local Security Checks
high
100930Ubuntu 16.04 LTS : linux-meta-raspi2, linux-raspi2 vulnerabilities (USN-3332-1) (Stack Clash)NessusUbuntu Local Security Checks
high
100929Ubuntu 16.04 LTS : linux-aws, linux-meta-aws vulnerabilities (USN-3331-1) (Stack Clash)NessusUbuntu Local Security Checks
high
100928Ubuntu 16.04 LTS : linux-meta-snapdragon, linux-snapdragon vulnerabilities (USN-3330-1) (Stack Clash)NessusUbuntu Local Security Checks
high
100927Ubuntu 16.04 LTS : linux-gke, linux-meta-gke vulnerabilities (USN-3329-1) (Stack Clash)NessusUbuntu Local Security Checks
high
100926Ubuntu 16.04 LTS : linux, linux-meta vulnerabilities (USN-3328-1) (Stack Clash)NessusUbuntu Local Security Checks
high
100925Ubuntu 16.10 : linux-meta-raspi2, linux-raspi2 vulnerabilities (USN-3327-1) (Stack Clash)NessusUbuntu Local Security Checks
high
100924Ubuntu 16.10 : linux, linux-meta vulnerabilities (USN-3326-1) (Stack Clash)NessusUbuntu Local Security Checks
high
100923Ubuntu 17.04 : linux-meta-raspi2, linux-raspi2 vulnerabilities (USN-3325-1) (Stack Clash)NessusUbuntu Local Security Checks
high
100922Ubuntu 17.04 : linux, linux-meta vulnerabilities (USN-3324-1) (Stack Clash)NessusUbuntu Local Security Checks
high