USN-3445-1

Advisory lineage Upstream: 4 Downstream: 0

Upstream

CVE-2016-8633 CVE-2017-14106 UBUNTU-CVE-2016-8633 UBUNTU-CVE-2017-14106

Published: 10 Oct 2017, 23:32

Last modified:22 Apr 2026, 09:40

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

10 Oct 2017, 23:32

Published

Vulnerability first disclosed

22 Apr 2026, 09:40

Last Modified

Vulnerability information updated

Description

linux vulnerabilities Eyal Itkin discovered that the IP over IEEE 1394 (FireWire) implementation in the Linux kernel contained a buffer overflow when handling fragmented packets. A remote attacker could use this to possibly execute arbitrary code with administrative privileges. (CVE-2016-8633) Andrey Konovalov discovered that a divide-by-zero error existed in the TCP stack implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2017-14106)

Affected Systems

ubuntu•linux
< 3.13.0-133.182

USN-3445-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (3)