USN-3381-1

Advisory lineage Upstream: 8 Downstream: 0

Upstream

CVE-2016-8405 CVE-2017-1000365 CVE-2017-2618 CVE-2017-7482 UBUNTU-CVE-2016-8405 UBUNTU-CVE-2017-1000365

Published: 07 Aug 2017, 18:36

Last modified:22 Apr 2026, 09:38

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

07 Aug 2017, 18:36

Published

Vulnerability first disclosed

22 Apr 2026, 09:38

Last Modified

Vulnerability information updated

Description

linux vulnerabilities Peter Pi discovered that the colormap handling for frame buffer devices in the Linux kernel contained an integer overflow. A local attacker could use this to disclose sensitive information (kernel memory). (CVE-2016-8405) It was discovered that the Linux kernel did not properly restrict RLIMIT_STACK size. A local attacker could use this in conjunction with another vulnerability to possibly execute arbitrary code. (CVE-2017-1000365) It was discovered that SELinux in the Linux kernel did not properly handle empty writes to /proc/pid/attr. A local attacker could use this to cause a denial of service (system crash). (CVE-2017-2618) 石磊 discovered that the RxRPC Kerberos 5 ticket handling code in the Linux kernel did not properly verify metadata. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-7482)

Affected Systems

ubuntu•linux
< 3.13.0-126.175

USN-3381-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (5)