admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2017/CVE-2017-177xx/CVE-2017-17741.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

174 lines
4.7 KiB
JSON
Raw Blame History

{
"id": "CVE-2017-17741",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-12-18T08:29:00.210",
"lastModified": "2018-04-25T01:29:02.647",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The KVM implementation in the Linux kernel through 4.14.7 allows attackers to obtain potentially sensitive information from kernel memory, aka a write_mmio stack-based out-of-bounds read, related to arch/x86/kvm/x86.c and include/trace/events/kvm.h."
},
{
"lang": "es",
"value": "La implementaci\u00f3n KVM en el kernel de Linux hasta la versi\u00f3n 4.14.7 permite que atacantes remotos obtengan informaci\u00f3n potencialmente sensible de la memoria del kernel. Esto tambi\u00e9n se conoce como una lectura fuera de l\u00edmites basada en pila write_mmio y est\u00e1 relacionado con arch/x86/kvm/x86.c e include/trace/events/kvm.h."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.0,
"impactScore": 4.0
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"accessVector": "LOCAL",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1
},
"baseSeverity": "LOW",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.14.7",
"matchCriteriaId": "CCF53DC7-5CFD-4A54-AABC-71D623665F85"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"
}
]
}
]
}
],
"references": [
{
"url": "http://www.securityfocus.com/bid/102227",
"source": "cve@mitre.org"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00004.html",
"source": "cve@mitre.org"
},
{
"url": "https://usn.ubuntu.com/3617-1/",
"source": "cve@mitre.org"
},
{
"url": "https://usn.ubuntu.com/3617-2/",
"source": "cve@mitre.org"
},
{
"url": "https://usn.ubuntu.com/3617-3/",
"source": "cve@mitre.org"
},
{
"url": "https://usn.ubuntu.com/3619-1/",
"source": "cve@mitre.org"
},
{
"url": "https://usn.ubuntu.com/3619-2/",
"source": "cve@mitre.org"
},
{
"url": "https://usn.ubuntu.com/3620-1/",
"source": "cve@mitre.org"
},
{
"url": "https://usn.ubuntu.com/3620-2/",
"source": "cve@mitre.org"
},
{
"url": "https://usn.ubuntu.com/3632-1/",
"source": "cve@mitre.org"
},
{
"url": "https://www.debian.org/security/2017/dsa-4073",
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2018/dsa-4082",
"source": "cve@mitre.org"
},
{
"url": "https://www.spinics.net/lists/kvm/msg160796.html",
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink