[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-USN-3422-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":86,"duplicates":87,"related":88,"reserved_at":9,"published_at":107,"modified_at":108,"state":9,"summary":109,"references_raw":111,"kevs":191,"epss":9,"epss_history":192,"metrics":193,"affected":194},"USN-3422-1","linux vulnerabilities\n\nIt was discovered that a buffer overflow existed in the Bluetooth stack of\nthe Linux kernel when handling L2CAP configuration responses. A physically\nproximate attacker could use this to cause a denial of service (system\ncrash). (CVE-2017-1000251)\n\nIt was discovered that the asynchronous I/O (aio) subsystem of the Linux\nkernel did not properly set permissions on aio memory mappings in some\nsituations. An attacker could use this to more easily exploit other\nvulnerabilities. (CVE-2016-10044)\n\nBaozeng Ding and Andrey Konovalov discovered a race condition in the L2TPv3\nIP Encapsulation implementation in the Linux kernel. A local attacker could\nuse this to cause a denial of service (system crash) or possibly execute\narbitrary code. (CVE-2016-10200)\n\nAndreas Gruenbacher and Jan Kara discovered that the filesystem\nimplementation in the Linux kernel did not clear the setgid bit during a\nsetxattr call. A local attacker could use this to possibly elevate group\nprivileges. (CVE-2016-7097)\n\nSergej Schumilo, Ralf Spenneberg, and Hendrik Schwartke discovered that the\nkey management subsystem in the Linux kernel did not properly allocate\nmemory in some situations. A local attacker could use this to cause a\ndenial of service (system crash). (CVE-2016-8650)\n\nVlad Tsyrklevich discovered an integer overflow vulnerability in the VFIO\nPCI driver for the Linux kernel. A local attacker with access to a vfio PCI\ndevice file could use this to cause a denial of service (system crash) or\npossibly execute arbitrary code. (CVE-2016-9083, CVE-2016-9084)\n\nIt was discovered that an information leak existed in __get_user_asm_ex()\nin the Linux kernel. A local attacker could use this to expose sensitive\ninformation. (CVE-2016-9178)\n\nCAI Qian discovered that the sysctl implementation in the Linux kernel did\nnot properly perform reference counting in some situations. An unprivileged\nattacker could use this to cause a denial of service (system hang).\n(CVE-2016-9191)\n\nIt was discovered that the keyring implementation in the Linux kernel in\nsome situations did not prevent special internal keyrings from being joined\nby userspace keyrings. A privileged local attacker could use this to bypass\nmodule verification. (CVE-2016-9604)\n\nIt was discovered that an integer overflow existed in the trace subsystem\nof the Linux kernel. A local privileged attacker could use this to cause a\ndenial of service (system crash). (CVE-2016-9754)\n\nAndrey Konovalov discovered that the IPv4 implementation in the Linux\nkernel did not properly handle invalid IP options in some situations. An\nattacker could use this to cause a denial of service or possibly execute\narbitrary code. (CVE-2017-5970)\n\nDmitry Vyukov discovered that the Linux kernel did not properly handle TCP\npackets with the URG flag. A remote attacker could use this to cause a\ndenial of service. (CVE-2017-6214)\n\nIt was discovered that a race condition existed in the AF_PACKET handling\ncode in the Linux kernel. A local attacker could use this to cause a denial\nof service (system crash) or possibly execute arbitrary code.\n(CVE-2017-6346)\n\nIt was discovered that the keyring implementation in the Linux kernel did\nnot properly restrict searches for dead keys. A local attacker could use\nthis to cause a denial of service (system crash). (CVE-2017-6951)\n\nDmitry Vyukov discovered that the generic SCSI (sg) subsystem in the Linux\nkernel contained a stack-based buffer overflow. A local attacker with\naccess to an sg device could use this to cause a denial of service (system\ncrash) or possibly execute arbitrary code. (CVE-2017-7187)\n\nEric Biggers discovered a memory leak in the keyring implementation in the\nLinux kernel. A local attacker could use this to cause a denial of service\n(memory consumption). (CVE-2017-7472)\n\nIt was discovered that a buffer overflow existed in the Broadcom FullMAC\nWLAN driver in the Linux kernel. A local attacker could use this to cause a\ndenial of service (system crash) or possibly execute arbitrary code.\n(CVE-2017-7541)\n",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84],{"_key":15},"CVE-2016-10044",{"_key":17},"CVE-2016-10200",{"_key":19},"CVE-2016-7097",{"_key":21},"CVE-2016-8650",{"_key":23},"CVE-2016-9083",{"_key":25},"CVE-2016-9084",{"_key":27},"CVE-2016-9178",{"_key":29},"CVE-2016-9191",{"_key":31},"CVE-2016-9604",{"_key":33},"CVE-2016-9754",{"_key":35},"CVE-2017-1000251",{"_key":37},"CVE-2017-5970",{"_key":39},"CVE-2017-6214",{"_key":41},"CVE-2017-6346",{"_key":43},"CVE-2017-6951",{"_key":45},"CVE-2017-7187",{"_key":47},"CVE-2017-7472",{"_key":49},"CVE-2017-7541",{"_key":51},"UBUNTU-CVE-2016-10044",{"_key":53},"UBUNTU-CVE-2016-10200",{"_key":55},"UBUNTU-CVE-2016-7097",{"_key":57},"UBUNTU-CVE-2016-8650",{"_key":59},"UBUNTU-CVE-2016-9083",{"_key":61},"UBUNTU-CVE-2016-9084",{"_key":63},"UBUNTU-CVE-2016-9178",{"_key":65},"UBUNTU-CVE-2016-9191",{"_key":67},"UBUNTU-CVE-2016-9604",{"_key":69},"UBUNTU-CVE-2016-9754",{"_key":71},"UBUNTU-CVE-2017-1000251",{"_key":73},"UBUNTU-CVE-2017-5970",{"_key":75},"UBUNTU-CVE-2017-6214",{"_key":77},"UBUNTU-CVE-2017-6346",{"_key":79},"UBUNTU-CVE-2017-6951",{"_key":81},"UBUNTU-CVE-2017-7187",{"_key":83},"UBUNTU-CVE-2017-7472",{"_key":85},"UBUNTU-CVE-2017-7541",[],[],[89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106],{"_key":53},{"_key":57},{"_key":59},{"_key":61},{"_key":65},{"_key":71},{"_key":73},{"_key":75},{"_key":77},{"_key":83},{"_key":85},{"_key":51},{"_key":55},{"_key":63},{"_key":67},{"_key":69},{"_key":79},{"_key":81},"2017-09-18T20:29:06Z","2026-04-22T09:39:30.533890Z",{"cisa_kev":110,"cisa_ransomware":110,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[112,118,123,127,131,135,139,143,147,151,155,159,163,167,171,175,179,183,187],{"url":113,"sources":114,"tags":116},"https://ubuntu.com/security/notices/USN-3422-1",[115],"osv_ubuntu",[117],"Advisory",{"url":119,"sources":120,"tags":121},"https://ubuntu.com/security/CVE-2016-7097",[115],[122],"REPORT",{"url":124,"sources":125,"tags":126},"https://ubuntu.com/security/CVE-2016-8650",[115],[122],{"url":128,"sources":129,"tags":130},"https://ubuntu.com/security/CVE-2016-9083",[115],[122],{"url":132,"sources":133,"tags":134},"https://ubuntu.com/security/CVE-2016-9084",[115],[122],{"url":136,"sources":137,"tags":138},"https://ubuntu.com/security/CVE-2016-9178",[115],[122],{"url":140,"sources":141,"tags":142},"https://ubuntu.com/security/CVE-2016-9191",[115],[122],{"url":144,"sources":145,"tags":146},"https://ubuntu.com/security/CVE-2016-9604",[115],[122],{"url":148,"sources":149,"tags":150},"https://ubuntu.com/security/CVE-2016-9754",[115],[122],{"url":152,"sources":153,"tags":154},"https://ubuntu.com/security/CVE-2016-10044",[115],[122],{"url":156,"sources":157,"tags":158},"https://ubuntu.com/security/CVE-2016-10200",[115],[122],{"url":160,"sources":161,"tags":162},"https://ubuntu.com/security/CVE-2017-5970",[115],[122],{"url":164,"sources":165,"tags":166},"https://ubuntu.com/security/CVE-2017-6214",[115],[122],{"url":168,"sources":169,"tags":170},"https://ubuntu.com/security/CVE-2017-6346",[115],[122],{"url":172,"sources":173,"tags":174},"https://ubuntu.com/security/CVE-2017-6951",[115],[122],{"url":176,"sources":177,"tags":178},"https://ubuntu.com/security/CVE-2017-7187",[115],[122],{"url":180,"sources":181,"tags":182},"https://ubuntu.com/security/CVE-2017-7472",[115],[122],{"url":184,"sources":185,"tags":186},"https://ubuntu.com/security/CVE-2017-7541",[115],[122],{"url":188,"sources":189,"tags":190},"https://ubuntu.com/security/CVE-2017-1000251",[115],[122],[],[],[],[195],{"ecosystem":196,"name":197,"vendor":198,"product":197,"cpe_part":9,"purl_type":199,"purl_namespace":198,"purl_name":197,"source":9,"versions":200},"Ubuntu","linux","ubuntu","deb",[201],{"version":202,"is_range":203,"range_type":204,"version_start":9,"version_start_type":9,"version_end":205,"version_end_type":206,"fixed_in":9},"lt3_13_0_132_181",true,"ecosystem","3.13.0-132.181","excluding"]