The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic.

No CVSS v3.1

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:A/AC:L/Au:N/C:N/I:N/A:C
Vendors Products
Redhat
  • Enterprise Linux Server
  • Virtualization Host
  • Enterprise Linux Server Eus
  • Enterprise Linux Server Tus
  • Enterprise Linux Desktop
  • Enterprise Linux Workstation
  • Enterprise Linux Server Aus
Canonical
  • Ubuntu Linux
Debian
  • Debian Linux
Linux
  • Linux Kernel

Configuration 1 [-]

OR cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:4.15:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:4.15:rc2:*:*:*:*:*:*

Configuration 3 [-]

OR cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 4 [-]

OR cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
References
Link Resource
http://www.openwall.com/lists/oss-security/2017/12/04/2 Mailing List Patch Third Party Advisory
http://www.securityfocus.com/bid/102038 Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHSA-2018:0676 Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:1062 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:1170
https://access.redhat.com/security/cve/cve-2017-1000407 Third Party Advisory
https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html Mailing List Third Party Advisory
https://usn.ubuntu.com/3583-1/ Third Party Advisory
https://usn.ubuntu.com/3583-2/ Third Party Advisory
https://usn.ubuntu.com/3617-1/ Third Party Advisory
https://usn.ubuntu.com/3617-2/ Third Party Advisory
https://usn.ubuntu.com/3619-1/ Third Party Advisory
https://usn.ubuntu.com/3619-2/ Third Party Advisory
https://usn.ubuntu.com/3632-1/ Third Party Advisory
https://www.debian.org/security/2017/dsa-4073 Third Party Advisory
https://www.debian.org/security/2018/dsa-4082 Third Party Advisory
https://www.spinics.net/lists/kvm/msg159809.html Patch
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2017-12-11T21:00:00

Updated: 2019-05-14T21:06:12

Reserved: 2017-12-05T00:00:00

Link: CVE-2017-1000407

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2017-12-11T21:29:00.297

Modified: 2019-05-14T22:29:01.210

Link: CVE-2017-1000407

JSON object: View

cve-icon Redhat Information

No data.

CWE