SB2017112829 - Fedora 25 update for kernel

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2017112829

SB2017112829 - Fedora 25 update for kernel

Published: November 28, 2017 Updated: April 24, 2025

Security Bulletin ID SB2017112829
Severity
Low
Patch available
YES
Number of vulnerabilities 9
Exploitation vector Local access
Highest impact Code execution

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 9 secuirty vulnerabilities.


1) Divide by zero (CVE-ID: CVE-2017-16649)

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists due to an error in the qmi_wwan_bind function in drivers/net/usb/qmi_wwan.c in the Linux kernel. A local attacker can supply a specially crafted USB device, trigger divide-by-zero error and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

2) Divide by zero (CVE-ID: CVE-2017-16650)

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists due to an error in the qmi_wwan_bind function in drivers/net/usb/qmi_wwan.c in the Linux kernel. A local attacker can supply a specially crafted USB device, trigger divide-by-zero error and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

3) Error handling (CVE-ID: CVE-2017-16644)

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists due to an error in the hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c in the Linux kernel through in the Linux kernel. A local attacker can supply a specially crafted USB device, trigger improper error handling and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

4) Null pointer dereference (CVE-ID: CVE-2017-16647)

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists due to an error in drivers/net/usb/asix_devices.c in the Linux kernel. A local attacker can supply a specially crafted USB device, trigger null pointer dereference and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

5) Out-of-bounds read (CVE-ID: CVE-2017-16643)

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists due to out-of-bounds read in the parse_hid_report_descriptor function in drivers/input/tablet/gtco.c in the Linux kernel. A local attacker can use a specially crafted USB device and cause the service to crash.

Successful exploitation of the vulnerability results in denial of service.

6) Out-of-bounds read (CVE-ID: CVE-2017-16645)

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists due to an error in the ims_pcu_get_cdc_union_desc function in drivers/input/misc/ims-pcu.c in the Linux kernel. A local attacker can supply a specially crafted USB device, trigger ims_pcu_parse_cdc_data out-of-bounds read and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

7) Denial of service (CVE-ID: CVE-2017-16646)

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists due to an error in drivers/media/usb/dvb-usb/dib0700_devices.c in the Linux kernel. A local attacker can supply a specially crafted USB device, trigger a BUG and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

8) Use after free (CVE-ID: CVE-2017-16648)

The vulnerability allows a local user to execute arbitrary code.

The dvb_frontend_free function in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device. NOTE: the function was later renamed __dvb_frontend_free.


9) Information disclosure (CVE-ID: CVE-2017-16994)

The vulnerability allows a local attacker to obtain potentially sensitive information on the target system.

The weakness exists due to the walk_hugetlb_range function in mm/pagewalk.c in the Linux kernel mishandles holes in hugetlb ranges. A local attacker can make specially crafted mincore() system call and obtain sensitive information from uninitialized kernel memory.

Remediation

Install update from vendor's website.

References