CVE-2017-16994
Linux Kernel - 'mincore()' Uninitialized Kernel Heap Page Disclosure
Public Exploits: 5
Exploited in Wild: -
Decision: -
Descriptions
The walk_hugetlb_range function in mm/pagewalk.c in the Linux kernel before 4.14.2 mishandles holes in hugetlb ranges, which allows local users to obtain sensitive information from uninitialized kernel memory via crafted use of the mincore() system call.
The walk_hugetlb_range() function in the 'mm/pagewalk.c' file of the Linux kernel from v4.0-rc1 through v4.15-rc1 mishandles holes in hugetlb ranges. This allows local users to obtain sensitive information from uninitialized kernel memory via crafted use of the mincore() system call.
SSVC
- Decision: -
Timeline
- 2017-04-03 CVE Published
- 2017-11-27 CVE Reserved
- 2017-12-11 First Exploit
- 2023-05-08 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
References (18)
URL | Tag | Source |
---|---|---|
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.2 | Release Notes | |
http://www.securityfocus.com/bid/101969 | Third Party Advisory | |

URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/43178 | 2024-08-05 | |
https://www.exploit-db.com/exploits/44304 | 2017-12-11 | |
https://www.exploit-db.com/exploits/44303 | 2017-12-11 | |
https://github.com/jedai47/CVE-2017-16994 | 2024-05-22 | |
https://bugs.chromium.org/p/project-zero/issues/detail?id=1431 | 2024-08-05 | |

URL | Date | SRC |
---|---|---|
https://access.redhat.com/errata/RHSA-2018:0502 | 2018-04-25 | |
https://usn.ubuntu.com/3617-1 | 2018-04-25 | |
https://usn.ubuntu.com/3617-2 | 2018-04-25 | |
https://usn.ubuntu.com/3617-3 | 2018-04-25 | |
https://usn.ubuntu.com/3619-1 | 2018-04-25 | |
https://usn.ubuntu.com/3619-2 | 2018-04-25 | |
https://usn.ubuntu.com/3632-1 | 2018-04-25 | |
https://access.redhat.com/security/cve/CVE-2017-16994 | 2018-03-13 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1518155 | 2018-03-13 | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Linux | Linux Kernel | < 4.14.2 | - | Affected |