CVE-2017-1000363

HIGH

Description

Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a 'secure boot' kernel command line adversary (can happen due to bootloader vulns, e.g. Google Nexus 6's CVE-2016-10277, where due to a vulnerability the adversary has partial control over the command line) can overflow the parport_nr array in the following code, by appending many (>LP_NO) 'lp=none' arguments to the command line.

References

http://www.debian.org/security/2017/dsa-3945

http://www.securityfocus.com/bid/98651

https://alephsecurity.com/vulns/aleph-2017023

Details

Source: MITRE

Published: 2017-07-17

Updated: 2018-10-30

Type: CWE-787

Risk Information

CVSS v2.0

Base Score: 7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 3.9

Severity: HIGH

CVSS v3.0

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1.8

Severity: HIGH

Tenable Plugins

View all (41 total)

ID	Name	Product	Family	Severity
124837	EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1516)	Nessus	Huawei Local Security Checks	critical
121997	Photon OS 2.0: Linux PHSA-2018-2.0-0101	Nessus	PhotonOS Local Security Checks	high
119423	Photon OS 2.0: Linux PHSA-2018-2.0-0101 (deprecated)	Nessus	PhotonOS Local Security Checks	high
106469	OracleVM 3.4 : Unbreakable / etc (OVMSA-2018-0015) (BlueBorne) (Meltdown) (Spectre) (Stack Clash)	Nessus	OracleVM Local Security Checks	critical
105248	OracleVM 3.4 : Unbreakable / etc (OVMSA-2017-0174) (BlueBorne) (Dirty COW) (Stack Clash)	Nessus	OracleVM Local Security Checks	high
105247	Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3659) (BlueBorne) (Dirty COW) (Stack Clash)	Nessus	Oracle Linux Local Security Checks	high
105147	OracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0173) (BlueBorne) (Stack Clash)	Nessus	OracleVM Local Security Checks	high
105145	Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2017-3658) (BlueBorne) (Stack Clash)	Nessus	Oracle Linux Local Security Checks	high
105144	Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3657) (BlueBorne) (Stack Clash)	Nessus	Oracle Linux Local Security Checks	high
104454	OracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0168)	Nessus	OracleVM Local Security Checks	high
104374	SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2920-1) (KRACK) (Stack Clash)	Nessus	SuSE Local Security Checks	critical
104371	Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2017-3637)	Nessus	Oracle Linux Local Security Checks	high
104370	Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3636)	Nessus	Oracle Linux Local Security Checks	high
104271	SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2908-1) (KRACK) (Stack Clash)	Nessus	SuSE Local Security Checks	critical
103363	Debian DLA-1099-1 : linux security update (BlueBorne) (Stack Clash)	Nessus	Debian Local Security Checks	high
103354	SUSE SLES11 Security Update : kernel (SUSE-SU-2017:2525-1) (Stack Clash)	Nessus	SuSE Local Security Checks	critical
103110	SUSE SLES11 Security Update : kernel (SUSE-SU-2017:2389-1) (Stack Clash)	Nessus	SuSE Local Security Checks	high
102774	OracleVM 3.4 : Unbreakable / etc (OVMSA-2017-0145) (Stack Clash)	Nessus	OracleVM Local Security Checks	critical
102773	Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3609) (Stack Clash)	Nessus	Oracle Linux Local Security Checks	critical
102550	Debian DSA-3945-1 : linux - security update (Stack Clash)	Nessus	Debian Local Security Checks	high
102064	OracleVM 3.4 : Unbreakable / etc (OVMSA-2017-0126) (Stack Clash)	Nessus	OracleVM Local Security Checks	critical
102059	Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3595) (Stack Clash)	Nessus	Oracle Linux Local Security Checks	critical
101156	Ubuntu 17.04 : linux, linux-raspi2 vulnerabilities (USN-3345-1)	Nessus	Ubuntu Local Security Checks	high
101155	Ubuntu 14.04 LTS : linux-lts-xenial vulnerabilities (USN-3344-2)	Nessus	Ubuntu Local Security Checks	high
101154	Ubuntu 16.04 LTS : linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon vulnerabilities (USN-3344-1)	Nessus	Ubuntu Local Security Checks	high
101153	Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-3343-2)	Nessus	Ubuntu Local Security Checks	critical
101152	Ubuntu 14.04 LTS : linux vulnerabilities (USN-3343-1)	Nessus	Ubuntu Local Security Checks	high
101151	Ubuntu 16.04 LTS : linux-hwe vulnerabilities (USN-3342-2)	Nessus	Ubuntu Local Security Checks	high
101150	Ubuntu 16.10 : linux, linux-raspi2 vulnerabilities (USN-3342-1)	Nessus	Ubuntu Local Security Checks	high
100933	Ubuntu 14.04 LTS : linux, linux-meta vulnerabilities (USN-3335-1) (Stack Clash)	Nessus	Ubuntu Local Security Checks	high
100932	Ubuntu 14.04 LTS : linux-lts-xenial, linux-meta-lts-xenial vulnerabilities (USN-3334-1) (Stack Clash)	Nessus	Ubuntu Local Security Checks	high
100931	Ubuntu 16.04 LTS : linux-hwe, linux-meta-hwe vulnerabilities (USN-3333-1) (Stack Clash)	Nessus	Ubuntu Local Security Checks	high
100930	Ubuntu 16.04 LTS : linux-meta-raspi2, linux-raspi2 vulnerabilities (USN-3332-1) (Stack Clash)	Nessus	Ubuntu Local Security Checks	high
100929	Ubuntu 16.04 LTS : linux-aws, linux-meta-aws vulnerabilities (USN-3331-1) (Stack Clash)	Nessus	Ubuntu Local Security Checks	high
100928	Ubuntu 16.04 LTS : linux-meta-snapdragon, linux-snapdragon vulnerabilities (USN-3330-1) (Stack Clash)	Nessus	Ubuntu Local Security Checks	high
100927	Ubuntu 16.04 LTS : linux-gke, linux-meta-gke vulnerabilities (USN-3329-1) (Stack Clash)	Nessus	Ubuntu Local Security Checks	high
100926	Ubuntu 16.04 LTS : linux, linux-meta vulnerabilities (USN-3328-1) (Stack Clash)	Nessus	Ubuntu Local Security Checks	high
100925	Ubuntu 16.10 : linux-meta-raspi2, linux-raspi2 vulnerabilities (USN-3327-1) (Stack Clash)	Nessus	Ubuntu Local Security Checks	high
100924	Ubuntu 16.10 : linux, linux-meta vulnerabilities (USN-3326-1) (Stack Clash)	Nessus	Ubuntu Local Security Checks	high
100923	Ubuntu 17.04 : linux-meta-raspi2, linux-raspi2 vulnerabilities (USN-3325-1) (Stack Clash)	Nessus	Ubuntu Local Security Checks	high
100922	Ubuntu 17.04 : linux, linux-meta vulnerabilities (USN-3324-1) (Stack Clash)	Nessus	Ubuntu Local Security Checks	high