mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
177 lines
6.6 KiB
JSON
177 lines
6.6 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "cve@mitre.org",
|
|
"ID": "CVE-2017-17805",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and kernel crash) or have unspecified other impact by executing a crafted sequence of system calls that use the blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c) and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "RHSA-2018:3083",
|
|
"refsource": "REDHAT",
|
|
"url": "https://access.redhat.com/errata/RHSA-2018:3083"
|
|
},
|
|
{
|
|
"name": "USN-3617-1",
|
|
"refsource": "UBUNTU",
|
|
"url": "https://usn.ubuntu.com/3617-1/"
|
|
},
|
|
{
|
|
"name": "USN-3619-2",
|
|
"refsource": "UBUNTU",
|
|
"url": "https://usn.ubuntu.com/3619-2/"
|
|
},
|
|
{
|
|
"name": "DSA-4082",
|
|
"refsource": "DEBIAN",
|
|
"url": "https://www.debian.org/security/2018/dsa-4082"
|
|
},
|
|
{
|
|
"name": "USN-3617-3",
|
|
"refsource": "UBUNTU",
|
|
"url": "https://usn.ubuntu.com/3617-3/"
|
|
},
|
|
{
|
|
"name": "[debian-lts-announce] 20180107 [SECURITY] [DLA 1232-1] linux security update",
|
|
"refsource": "MLIST",
|
|
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00004.html"
|
|
},
|
|
{
|
|
"name": "SUSE-SU-2018:0012",
|
|
"refsource": "SUSE",
|
|
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html"
|
|
},
|
|
{
|
|
"name": "SUSE-SU-2018:0011",
|
|
"refsource": "SUSE",
|
|
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html"
|
|
},
|
|
{
|
|
"name": "USN-3632-1",
|
|
"refsource": "UBUNTU",
|
|
"url": "https://usn.ubuntu.com/3632-1/"
|
|
},
|
|
{
|
|
"name": "USN-3620-2",
|
|
"refsource": "UBUNTU",
|
|
"url": "https://usn.ubuntu.com/3620-2/"
|
|
},
|
|
{
|
|
"name": "openSUSE-SU-2018:0022",
|
|
"refsource": "SUSE",
|
|
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html"
|
|
},
|
|
{
|
|
"name": "102291",
|
|
"refsource": "BID",
|
|
"url": "http://www.securityfocus.com/bid/102291"
|
|
},
|
|
{
|
|
"name": "RHSA-2018:2948",
|
|
"refsource": "REDHAT",
|
|
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
|
|
},
|
|
{
|
|
"name": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.8",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.8"
|
|
},
|
|
{
|
|
"name": "SUSE-SU-2018:0010",
|
|
"refsource": "SUSE",
|
|
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html"
|
|
},
|
|
{
|
|
"name": "DSA-4073",
|
|
"refsource": "DEBIAN",
|
|
"url": "https://www.debian.org/security/2017/dsa-4073"
|
|
},
|
|
{
|
|
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ecaaab5649781c5a0effdaf298a925063020500e",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ecaaab5649781c5a0effdaf298a925063020500e"
|
|
},
|
|
{
|
|
"name": "USN-3617-2",
|
|
"refsource": "UBUNTU",
|
|
"url": "https://usn.ubuntu.com/3617-2/"
|
|
},
|
|
{
|
|
"name": "https://github.com/torvalds/linux/commit/ecaaab5649781c5a0effdaf298a925063020500e",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://github.com/torvalds/linux/commit/ecaaab5649781c5a0effdaf298a925063020500e"
|
|
},
|
|
{
|
|
"name": "USN-3620-1",
|
|
"refsource": "UBUNTU",
|
|
"url": "https://usn.ubuntu.com/3620-1/"
|
|
},
|
|
{
|
|
"name": "RHSA-2018:3096",
|
|
"refsource": "REDHAT",
|
|
"url": "https://access.redhat.com/errata/RHSA-2018:3096"
|
|
},
|
|
{
|
|
"name": "USN-3619-1",
|
|
"refsource": "UBUNTU",
|
|
"url": "https://usn.ubuntu.com/3619-1/"
|
|
},
|
|
{
|
|
"name": "openSUSE-SU-2018:0023",
|
|
"refsource": "SUSE",
|
|
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html"
|
|
},
|
|
{
|
|
"refsource": "REDHAT",
|
|
"name": "RHSA-2019:2473",
|
|
"url": "https://access.redhat.com/errata/RHSA-2019:2473"
|
|
}
|
|
]
|
|
}
|
|
} |