Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing.
http://www.debian.org/security/2017/dsa-3981
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.15
http://www.securityfocus.com/bid/100215
https://access.redhat.com/errata/RHSA-2018:3083
https://access.redhat.com/errata/RHSA-2018:3096
https://bugzilla.redhat.com/show_bug.cgi?id=1481136
https://github.com/torvalds/linux/commit/1e38da300e1e395a15048b0af1e5305bd91402f6
Source: MITRE
Published: 2017-08-19
Updated: 2018-10-31
Type: CWE-416
Base Score: 7.6
Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
Impact Score: 10
Exploitability Score: 4.9
Severity: HIGH
Base Score: 7
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 1
Severity: HIGH
OR
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions up to 4.10.14 (inclusive)
ID | Name | Product | Family | Severity |
---|---|---|---|---|
132700 | RHEL 7 : kernel (RHSA-2020:0036) | Nessus | Red Hat Local Security Checks | critical |
131719 | RHEL 6 : MRG (RHSA-2019:4057) | Nessus | Red Hat Local Security Checks | high |
131675 | RHEL 7 : kernel (RHSA-2019:4058) | Nessus | Red Hat Local Security Checks | high |
127281 | NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel-rt Multiple Vulnerabilities (NS-SA-2019-0074) | Nessus | NewStart CGSL Local Security Checks | critical |
127272 | NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2019-0070) | Nessus | NewStart CGSL Local Security Checks | critical |
124989 | EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1536) | Nessus | Huawei Local Security Checks | high |
124821 | EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1498) | Nessus | Huawei Local Security Checks | high |
119187 | Scientific Linux Security Update : kernel on SL7.x x86_64 (20181030) | Nessus | Scientific Linux Local Security Checks | high |
118990 | CentOS 7 : kernel (CESA-2018:3083) | Nessus | CentOS Local Security Checks | high |
118770 | Oracle Linux 7 : kernel (ELSA-2018-3083) | Nessus | Oracle Linux Local Security Checks | high |
118528 | RHEL 7 : kernel-rt (RHSA-2018:3096) | Nessus | Red Hat Local Security Checks | high |
118525 | RHEL 7 : kernel (RHSA-2018:3083) | Nessus | Red Hat Local Security Checks | high |
109158 | OracleVM 3.4 : Unbreakable / etc (OVMSA-2018-0035) (Dirty COW) (Meltdown) (Spectre) | Nessus | OracleVM Local Security Checks | high |
109156 | Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4071) (Dirty COW) (Meltdown) (Spectre) | Nessus | Oracle Linux Local Security Checks | high |
105352 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3340-1) | Nessus | SuSE Local Security Checks | high |
105350 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3337-1) | Nessus | SuSE Local Security Checks | high |
105349 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3336-1) | Nessus | SuSE Local Security Checks | high |
105348 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3332-1) | Nessus | SuSE Local Security Checks | high |
105290 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3323-1) | Nessus | SuSE Local Security Checks | high |
105289 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3322-1) | Nessus | SuSE Local Security Checks | high |
105288 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3321-1) | Nessus | SuSE Local Security Checks | high |
105287 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3320-1) | Nessus | SuSE Local Security Checks | high |
105286 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3318-1) | Nessus | SuSE Local Security Checks | high |
105285 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3316-1) | Nessus | SuSE Local Security Checks | high |
105283 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3313-1) | Nessus | SuSE Local Security Checks | high |
105282 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3312-1) | Nessus | SuSE Local Security Checks | high |
105281 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3309-1) | Nessus | SuSE Local Security Checks | high |
105280 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3308-1) | Nessus | SuSE Local Security Checks | high |
105278 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3305-1) | Nessus | SuSE Local Security Checks | high |
105277 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3304-1) | Nessus | SuSE Local Security Checks | high |
105276 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3303-1) | Nessus | SuSE Local Security Checks | high |
105275 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3302-1) | Nessus | SuSE Local Security Checks | high |
105274 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3301-1) | Nessus | SuSE Local Security Checks | high |
105273 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3299-1) | Nessus | SuSE Local Security Checks | high |
105272 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3293-1) | Nessus | SuSE Local Security Checks | high |
105271 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3289-1) | Nessus | SuSE Local Security Checks | high |
105270 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3287-1) | Nessus | SuSE Local Security Checks | high |
105248 | OracleVM 3.4 : Unbreakable / etc (OVMSA-2017-0174) (BlueBorne) (Dirty COW) (Stack Clash) | Nessus | OracleVM Local Security Checks | high |
105247 | Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3659) (BlueBorne) (Dirty COW) (Stack Clash) | Nessus | Oracle Linux Local Security Checks | high |
105172 | SUSE SLES11 Security Update : kernel (SUSE-SU-2017:3265-1) (KRACK) | Nessus | SuSE Local Security Checks | critical |
105147 | OracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0173) (BlueBorne) (Stack Clash) | Nessus | OracleVM Local Security Checks | high |
105145 | Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2017-3658) (BlueBorne) (Stack Clash) | Nessus | Oracle Linux Local Security Checks | high |
105144 | Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3657) (BlueBorne) (Stack Clash) | Nessus | Oracle Linux Local Security Checks | high |
104578 | EulerOS 2.0 SP1 : kernel (EulerOS-SA-2017-1245) | Nessus | Huawei Local Security Checks | high |
104454 | OracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0168) | Nessus | OracleVM Local Security Checks | high |
104453 | OracleVM 3.4 : Unbreakable / etc (OVMSA-2017-0167) | Nessus | OracleVM Local Security Checks | high |
104374 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2920-1) (KRACK) (Stack Clash) | Nessus | SuSE Local Security Checks | critical |
104371 | Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2017-3637) | Nessus | Oracle Linux Local Security Checks | high |
104370 | Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3636) | Nessus | Oracle Linux Local Security Checks | high |
104369 | Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3635) | Nessus | Oracle Linux Local Security Checks | high |
104322 | Ubuntu 14.04 LTS : linux vulnerabilities (USN-3470-1) | Nessus | Ubuntu Local Security Checks | high |
104271 | SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2908-1) (KRACK) (Stack Clash) | Nessus | SuSE Local Security Checks | critical |
103365 | Debian DSA-3981-1 : linux - security update (BlueBorne) (Stack Clash) | Nessus | Debian Local Security Checks | high |
103363 | Debian DLA-1099-1 : linux security update (BlueBorne) (Stack Clash) | Nessus | Debian Local Security Checks | high |
103354 | SUSE SLES11 Security Update : kernel (SUSE-SU-2017:2525-1) (Stack Clash) | Nessus | SuSE Local Security Checks | critical |
102922 | Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2017-076) | Nessus | Virtuozzo Local Security Checks | high |