USN-3371-1

Advisory lineage Upstream: 8 Downstream: 0

Upstream

CVE-2014-9900 CVE-2017-1000380 CVE-2017-7346 CVE-2017-9605 UBUNTU-CVE-2014-9900 UBUNTU-CVE-2017-1000380

Published: 28 Jul 2017, 17:35

Last modified:04 Feb 2026, 04:04

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

28 Jul 2017, 17:35

Published

Vulnerability first disclosed

04 Feb 2026, 04:04

Last Modified

Vulnerability information updated

Description

linux-hwe vulnerabilities It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2014-9900) Alexander Potapenko discovered a race condition in the Advanced Linux Sound Architecture (ALSA) subsystem in the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2017-1000380) Li Qiang discovered that the DRM driver for VMware Virtual GPUs in the Linux kernel did not properly validate some ioctl arguments. A local attacker could use this to cause a denial of service (system crash). (CVE-2017-7346) Murray McAllister discovered that the DRM driver for VMware Virtual GPUs in the Linux kernel did not properly initialize memory. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2017-9605)

Affected Systems

ubuntu•linux-hwe
< 4.10.0-28.32~16.04.2

USN-3371-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (5)