[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2017-1000405":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":28,"aliases":59,"duplicate_of":9,"upstream":60,"downstream":61,"duplicates":118,"related":119,"reserved_at":9,"published_at":139,"modified_at":140,"state":141,"summary":142,"references_raw":149,"kevs":185,"epss":186,"epss_history":189,"metrics":439,"affected":450},"CVE-2017-1000405","The Linux Kernel versions 2.6.38 through 4.14 have a problematic use of pmd_mkdirty() in the touch_pmd() function inside the THP implementation. touch_pmd() can be reached by get_user_pages(). In such case, the pmd will become dirty. This scenario breaks the new can_follow_write_pmd()'s logic - pmd can become dirty without going through a COW cycle. This bug is not as severe as the original \"Dirty cow\" because an ext4 file (or any other regular file) cannot be mapped using THP. Nevertheless, it does allow us to overwrite read-only huge pages. For example, the zero huge page and sealed shmem files can be overwritten (since their mapping can be populated using THP). Note that after the first write page-fault to the zero page, it will be replaced with a new fresh (and zeroed) thp.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-362","Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')","The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.","weakness","Draft","Class","Medium",[20,24],{"id":21,"name":22,"techniques":23},"CAPEC-26","Leveraging Race Conditions",[],{"id":25,"name":26,"techniques":27},"CAPEC-29","Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions",[],[29,38,51],{"_key":30,"name":31,"source":32,"url":33,"maturity":34,"reliability_score":35,"verified":36,"type":9,"platforms":37,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_3EFDDF4535A99584","Exploit Reference (medium.com)","reference","https://medium.com/bindecy/huge-dirty-cow-cve-2017-1000405-110eca132de0","unknown",0.2,false,[],{"_key":39,"name":40,"source":41,"url":42,"maturity":43,"reliability_score":44,"verified":36,"type":45,"platforms":46,"requires_auth":9,"exploitdb":48,"metasploit":9},"43199","Linux Kernel - 'The Huge Dirty Cow' Overwriting The Huge Zero Page (1)","exploit-database","https://www.exploit-db.com/exploits/43199","poc",0.5,"dos",[47],"linux",{"verified":36,"type":45,"platform":47,"file":49,"codes":50},"exploits/linux/dos/43199.c",[7],{"_key":52,"name":53,"source":41,"url":54,"maturity":43,"reliability_score":44,"verified":36,"type":45,"platforms":55,"requires_auth":9,"exploitdb":56,"metasploit":9},"44305","Linux Kernel - 'The Huge Dirty Cow' Overwriting The Huge Zero Page (2)","https://www.exploit-db.com/exploits/44305",[47],{"verified":36,"type":45,"platform":47,"file":57,"codes":58},"exploits/linux/dos/44305.c",[7],[],[],[62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92,94,96,98,100,102,104,106,108,110,112,114,116],{"_key":63},"SUSE-SU-2017:3310-1",{"_key":65},"SUSE-SU-2017:3210-1",{"_key":67},"SUSE-SU-2017:3225-1",{"_key":69},"SUSE-SU-2017:3226-1",{"_key":71},"SUSE-SU-2017:3249-1",{"_key":73},"SUSE-SU-2017:3284-1",{"_key":75},"SUSE-SU-2017:3285-1",{"_key":77},"SUSE-SU-2017:3286-1",{"_key":79},"SUSE-SU-2017:3295-1",{"_key":81},"SUSE-SU-2017:3296-1",{"_key":83},"SUSE-SU-2017:3297-1",{"_key":85},"SUSE-SU-2017:3300-1",{"_key":87},"SUSE-SU-2017:3314-1",{"_key":89},"SUSE-SU-2017:3317-1",{"_key":91},"SUSE-SU-2017:3319-1",{"_key":93},"SUSE-SU-2017:3324-1",{"_key":95},"SUSE-SU-2018:0213-1",{"_key":97},"SUSE-SU-2020:3400-1",{"_key":99},"SUSE-SU-2020:3449-1",{"_key":101},"USN-3507-2",{"_key":103},"USN-3508-2",{"_key":105},"USN-3509-2",{"_key":107},"USN-3511-1",{"_key":109},"UBUNTU-CVE-2017-1000405",{"_key":111},"USN-3509-1",{"_key":113},"USN-3510-1",{"_key":115},"DEBIAN-CVE-2017-1000405",{"_key":117},"RHSA-2018:0180",[],[120,121,122,123,124,125,126,127,128,129,130,131,132,133,134,135,136,137,138],{"_key":63},{"_key":65},{"_key":67},{"_key":69},{"_key":71},{"_key":73},{"_key":75},{"_key":77},{"_key":79},{"_key":81},{"_key":83},{"_key":85},{"_key":87},{"_key":89},{"_key":91},{"_key":93},{"_key":95},{"_key":97},{"_key":99},"2017-11-30T22:00:00.000Z","2024-08-05T22:00:40.830Z","Modified",{"cisa_kev":36,"cisa_ransomware":36,"cisa_vendor":9,"epss_severity":143,"epss_score":144,"severity":145,"severity_score":4,"severity_version":146,"severity_source":147,"severity_vector":148,"severity_status":141},"low",0.07275,"high","v3.1","nvd","CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",[150,158,164,170,175,180],{"url":151,"sources":152,"tags":154},"http://www.securityfocus.com/bid/102032",[153,147],"cve.org",[155,156,157],"VDB Entry","X Refsource BID","Third Party Advisory",{"url":159,"sources":160,"tags":161},"https://access.redhat.com/errata/RHSA-2018:0180",[153,147],[162,163,157],"Vendor Advisory","X Refsource REDHAT",{"url":33,"sources":165,"tags":166},[153,147],[167,168,169,157],"X Refsource MISC","Exploit","Issue Tracking",{"url":171,"sources":172,"tags":173},"https://source.android.com/security/bulletin/pixel/2018-02-01",[153,147],[174,157],"X Refsource CONFIRM",{"url":176,"sources":177,"tags":178},"http://www.securitytracker.com/id/1040020",[153,147],[155,179,157],"X Refsource SECTRACK",{"url":181,"sources":182,"tags":183},"https://www.exploit-db.com/exploits/43199/",[153,147],[168,184,169,157,155],"X Refsource EXPLOIT DB",[],{"date":187,"score":144,"percentile":188},"2026-06-03",0.91796,[190,194,197,200,202,205,207,210,212,215,218,221,224,227,230,233,236,239,242,244,247,250,253,255,259,262,265,268,271,274,277,280,282,284,286,289,293,296,299,302,305,307,310,312,315,318,320,322,325,328,330,333,335,337,340,343,346,349,352,355,358,361,364,366,369,372,375,378,381,383,386,388,391,393,396,399,402,405,407,410,413,416,418,421,423,425,428,431,433,436],{"date":191,"score":192,"percentile":193},"2025-11-04",0.04454,0.88546,{"date":195,"score":192,"percentile":196},"2025-11-05",0.88545,{"date":198,"score":192,"percentile":199},"2025-11-06",0.88538,{"date":201,"score":192,"percentile":196},"2025-11-07",{"date":203,"score":192,"percentile":204},"2025-11-08",0.88548,{"date":206,"score":192,"percentile":196},"2025-11-09",{"date":208,"score":192,"percentile":209},"2025-11-10",0.88543,{"date":211,"score":192,"percentile":204},"2025-11-11",{"date":213,"score":192,"percentile":214},"2025-11-12",0.88555,{"date":216,"score":192,"percentile":217},"2025-11-13",0.88559,{"date":219,"score":192,"percentile":220},"2025-11-14",0.88563,{"date":222,"score":192,"percentile":223},"2025-11-15",0.88558,{"date":225,"score":192,"percentile":226},"2025-11-16",0.88561,{"date":228,"score":192,"percentile":229},"2025-11-17",0.88557,{"date":231,"score":192,"percentile":232},"2025-11-18",0.8796,{"date":234,"score":192,"percentile":235},"2025-11-19",0.87964,{"date":237,"score":192,"percentile":238},"2025-11-20",0.87968,{"date":240,"score":192,"percentile":241},"2025-11-21",0.8857,{"date":243,"score":192,"percentile":241},"2025-11-22",{"date":245,"score":192,"percentile":246},"2025-11-23",0.88566,{"date":248,"score":192,"percentile":249},"2025-11-24",0.88567,{"date":251,"score":192,"percentile":252},"2025-11-25",0.88569,{"date":254,"score":192,"percentile":249},"2025-11-26",{"date":256,"score":257,"percentile":258},"2025-11-27",0.04544,0.88685,{"date":260,"score":257,"percentile":261},"2025-11-28",0.88677,{"date":263,"score":257,"percentile":264},"2025-11-29",0.88751,{"date":266,"score":257,"percentile":267},"2025-11-30",0.88747,{"date":269,"score":257,"percentile":270},"2025-12-01",0.88806,{"date":272,"score":257,"percentile":273},"2025-12-02",0.88807,{"date":275,"score":257,"percentile":276},"2025-12-03",0.88805,{"date":278,"score":257,"percentile":279},"2025-12-04",0.88746,{"date":281,"score":257,"percentile":267},"2025-12-05",{"date":283,"score":257,"percentile":267},"2025-12-06",{"date":285,"score":257,"percentile":279},"2025-12-07",{"date":287,"score":257,"percentile":288},"2025-12-08",0.88748,{"date":290,"score":291,"percentile":292},"2025-12-09",0.04492,0.88687,{"date":294,"score":291,"percentile":295},"2025-12-10",0.88704,{"date":297,"score":291,"percentile":298},"2025-12-11",0.88705,{"date":300,"score":291,"percentile":301},"2025-12-12",0.88707,{"date":303,"score":291,"percentile":304},"2025-12-13",0.88709,{"date":306,"score":291,"percentile":304},"2025-12-14",{"date":308,"score":291,"percentile":309},"2025-12-15",0.88711,{"date":311,"score":291,"percentile":309},"2025-12-16",{"date":313,"score":291,"percentile":314},"2025-12-17",0.88715,{"date":316,"score":291,"percentile":317},"2025-12-18",0.88722,{"date":319,"score":291,"percentile":317},"2025-12-19",{"date":321,"score":291,"percentile":317},"2025-12-20",{"date":323,"score":291,"percentile":324},"2025-12-21",0.88729,{"date":326,"score":291,"percentile":327},"2025-12-22",0.88727,{"date":329,"score":291,"percentile":324},"2025-12-23",{"date":331,"score":291,"percentile":332},"2025-12-24",0.88737,{"date":334,"score":291,"percentile":267},"2025-12-25",{"date":336,"score":291,"percentile":267},"2025-12-26",{"date":338,"score":291,"percentile":339},"2025-12-27",0.88788,{"date":341,"score":291,"percentile":342},"2025-12-28",0.8874,{"date":344,"score":291,"percentile":345},"2025-12-29",0.88736,{"date":347,"score":291,"percentile":348},"2025-12-30",0.88744,{"date":350,"score":291,"percentile":351},"2025-12-31",0.88754,{"date":353,"score":291,"percentile":354},"2026-01-01",0.88819,{"date":356,"score":291,"percentile":357},"2026-01-02",0.88814,{"date":359,"score":291,"percentile":360},"2026-01-03",0.88811,{"date":362,"score":291,"percentile":363},"2026-01-04",0.88749,{"date":365,"score":291,"percentile":279},"2026-01-05",{"date":367,"score":291,"percentile":368},"2026-01-06",0.8875,{"date":370,"score":291,"percentile":371},"2026-01-07",0.88752,{"date":373,"score":291,"percentile":374},"2026-01-08",0.88758,{"date":376,"score":291,"percentile":377},"2026-01-09",0.88763,{"date":379,"score":291,"percentile":380},"2026-01-10",0.88764,{"date":382,"score":291,"percentile":374},"2026-01-11",{"date":384,"score":291,"percentile":385},"2026-01-12",0.88755,{"date":387,"score":291,"percentile":371},"2026-01-13",{"date":389,"score":291,"percentile":390},"2026-01-14",0.88765,{"date":392,"score":291,"percentile":380},"2026-01-15",{"date":394,"score":291,"percentile":395},"2026-01-16",0.88772,{"date":397,"score":291,"percentile":398},"2026-01-17",0.88775,{"date":400,"score":291,"percentile":401},"2026-01-18",0.88774,{"date":403,"score":291,"percentile":404},"2026-01-19",0.88771,{"date":406,"score":291,"percentile":398},"2026-01-20",{"date":408,"score":291,"percentile":409},"2026-01-21",0.88781,{"date":411,"score":291,"percentile":412},"2026-01-22",0.88785,{"date":414,"score":291,"percentile":415},"2026-01-23",0.88797,{"date":417,"score":291,"percentile":276},"2026-01-24",{"date":419,"score":291,"percentile":420},"2026-01-25",0.88804,{"date":422,"score":291,"percentile":270},"2026-01-26",{"date":424,"score":291,"percentile":270},"2026-01-27",{"date":426,"score":291,"percentile":427},"2026-01-28",0.88808,{"date":429,"score":291,"percentile":430},"2026-01-29",0.88813,{"date":432,"score":291,"percentile":430},"2026-01-30",{"date":434,"score":291,"percentile":435},"2026-01-31",0.88809,{"date":437,"score":291,"percentile":438},"2026-02-01",0.88872,[440],{"source":147,"cvss_v2_0":441,"cvss_v3_0":9,"cvss_v3_1":446,"cvss_v4_0":9},{"baseScore":442,"baseSeverity":9,"vectorString":443,"impactScore":444,"exploitabilityScore":445},6.9,"AV:L/AC:M/Au:N/C:C/I:C/A:C",10,3.4,{"baseScore":4,"baseSeverity":447,"vectorString":148,"impactScore":448,"exploitabilityScore":449},"HIGH",9.8,2.6,[451],{"ecosystem":9,"name":452,"vendor":47,"product":453,"cpe_part":454,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":455},"linux kernel","linux_kernel","o",[456,464,468,472,476,480,484,488,492],{"version":457,"is_range":458,"range_type":459,"version_start":460,"version_start_type":461,"version_end":462,"version_end_type":463,"fixed_in":9},"gte3.2.87_lt3.3",true,"cpe","3.2.87","including","3.3","excluding",{"version":465,"is_range":458,"range_type":459,"version_start":466,"version_start_type":461,"version_end":467,"version_end_type":463,"fixed_in":9},"gte3.10.106_lt3.11","3.10.106","3.11",{"version":469,"is_range":458,"range_type":459,"version_start":470,"version_start_type":461,"version_end":471,"version_end_type":463,"fixed_in":9},"gte3.12.73_lt3.13","3.12.73","3.13",{"version":473,"is_range":458,"range_type":459,"version_start":474,"version_start_type":461,"version_end":475,"version_end_type":463,"fixed_in":9},"gte3.16.42_lt3.16.52","3.16.42","3.16.52",{"version":477,"is_range":458,"range_type":459,"version_start":478,"version_start_type":461,"version_end":479,"version_end_type":463,"fixed_in":9},"gte3.18.55_lt3.18.86","3.18.55","3.18.86",{"version":481,"is_range":458,"range_type":459,"version_start":482,"version_start_type":461,"version_end":483,"version_end_type":463,"fixed_in":9},"gte4.1.41_lt4.1.48","4.1.41","4.1.48",{"version":485,"is_range":458,"range_type":459,"version_start":486,"version_start_type":461,"version_end":487,"version_end_type":463,"fixed_in":9},"gte4.4.70_lt4.4.104","4.4.70","4.4.104",{"version":489,"is_range":458,"range_type":459,"version_start":490,"version_start_type":461,"version_end":491,"version_end_type":463,"fixed_in":9},"gte4.9.7_lt4.9.67","4.9.7","4.9.67",{"version":493,"is_range":458,"range_type":459,"version_start":494,"version_start_type":461,"version_end":495,"version_end_type":463,"fixed_in":9},"gte4.10_lt4.14.4","4.10","4.14.4"]