[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-USN-3617-2":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":102,"duplicates":103,"related":104,"reserved_at":9,"published_at":127,"modified_at":128,"state":9,"summary":129,"references_raw":131,"kevs":227,"epss":9,"epss_history":228,"metrics":229,"affected":230},"USN-3617-2","linux-hwe, linux-gcp, linux-oem vulnerabilities\n\nUSN-3617-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10.\nThis update provides the corresponding updates for the Linux Hardware\nEnablement (HWE) kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS.\n\nIt was discovered that a race condition leading to a use-after-free\nvulnerability existed in the ALSA PCM subsystem of the Linux kernel. A\nlocal attacker could use this to cause a denial of service (system crash)\nor possibly execute arbitrary code. (CVE-2017-0861)\n\nIt was discovered that the KVM implementation in the Linux kernel allowed\npassthrough of the diagnostic I/O port 0x80. An attacker in a guest VM\ncould use this to cause a denial of service (system crash) in the host OS.\n(CVE-2017-1000407)\n\nIt was discovered that a use-after-free vulnerability existed in the\nnetwork namespaces implementation in the Linux kernel. A local attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2017-15129)\n\nAndrey Konovalov discovered that the usbtest device driver in the Linux\nkernel did not properly validate endpoint metadata. A physically proximate\nattacker could use this to cause a denial of service (system crash).\n(CVE-2017-16532)\n\nAndrey Konovalov discovered that the SoundGraph iMON USB driver in the\nLinux kernel did not properly validate device metadata. A physically\nproximate attacker could use this to cause a denial of service (system\ncrash). 
(CVE-2017-16537)\n\nAndrey Konovalov discovered that the IMS Passenger Control Unit USB driver\nin the Linux kernel did not properly validate device descriptors. A\nphysically proximate attacker could use this to cause a denial of service\n(system crash). (CVE-2017-16645)\n\nAndrey Konovalov discovered that the DiBcom DiB0700 USB DVB driver in the\nLinux kernel did not properly handle detach events. A physically proximate\nattacker could use this to cause a denial of service (system crash).\n(CVE-2017-16646)\n\nAndrey Konovalov discovered that the ASIX Ethernet USB driver in the Linux\nkernel did not properly handle suspend and resume events. A physically\nproximate attacker could use this to cause a denial of service (system\ncrash). (CVE-2017-16647)\n\nAndrey Konovalov discovered that the CDC USB Ethernet driver did not\nproperly validate device descriptors. A physically proximate attacker could\nuse this to cause a denial of service (system crash). (CVE-2017-16649)\n\nAndrey Konovalov discovered that the QMI WWAN USB driver did not properly\nvalidate device descriptors. A physically proximate attacker could use this\nto cause a denial of service (system crash). (CVE-2017-16650)\n\nIt was discovered that the HugeTLB component of the Linux kernel did not\nproperly handle holes in hugetlb ranges. A local attacker could use this to\nexpose sensitive information (kernel memory). (CVE-2017-16994)\n\nIt was discovered that the netfilter component of the Linux kernel did not\nproperly restrict access to the connection tracking helpers list. A local\nattacker could use this to bypass intended access restrictions.\n(CVE-2017-17448)\n\nIt was discovered that the netfilter passive OS fingerprinting (xt_osf)\nmodule did not properly perform access control checks. 
A local attacker\ncould improperly modify the system-wide OS fingerprint list.\n(CVE-2017-17450)\n\nDmitry Vyukov discovered that the KVM implementation in the Linux kernel\ncontained an out-of-bounds read when handling memory-mapped I/O. A local\nattacker could use this to expose sensitive information. (CVE-2017-17741)\n\nIt was discovered that the Salsa20 encryption algorithm implementations in\nthe Linux kernel did not properly handle zero-length inputs. A local\nattacker could use this to cause a denial of service (system crash).\n(CVE-2017-17805)\n\nIt was discovered that the HMAC implementation did not validate the state\nof the underlying cryptographic hash algorithm. A local attacker could use\nthis to cause a denial of service (system crash) or possibly execute\narbitrary code. (CVE-2017-17806)\n\nIt was discovered that the keyring implementation in the Linux kernel did\nnot properly check permissions when a key request was performed on a task's\ndefault keyring. A local attacker could use this to add keys to\nunauthorized keyrings. (CVE-2017-17807)\n\nIt was discovered that a race condition existed in the OCFS2 file system\nimplementation in the Linux kernel. A local attacker could use this to\ncause a denial of service (kernel deadlock). (CVE-2017-18204)\n\nIt was discovered that the Broadcom NetXtremeII ethernet driver in the\nLinux kernel did not properly validate Generic Segment Offload (GSO) packet\nsizes. An attacker could use this to cause a denial of service (interface\nunavailability). (CVE-2018-1000026)\n\nIt was discovered that the Reliable Datagram Socket (RDS) implementation in\nthe Linux kernel contained an out-of-bounds write during RDMA page allocation. An\nattacker could use this to cause a denial of service (system crash) or\npossibly execute arbitrary code. (CVE-2018-5332)\n\nMohamed Ghannam discovered a null pointer dereference in the RDS (Reliable\nDatagram Sockets) protocol implementation of the Linux kernel. 
A local\nattacker could use this to cause a denial of service (system crash).\n(CVE-2018-5333)\n\n范龙飞 discovered that a race condition existed in the loop block device\nimplementation in the Linux kernel. A local attacker could use this to\ncause a denial of service (system crash) or possibly execute arbitrary\ncode. (CVE-2018-5344)\n",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92,94,96,98,100],{"_key":15},"CVE-2017-0861",{"_key":17},"CVE-2017-1000407",{"_key":19},"CVE-2017-15129",{"_key":21},"CVE-2017-16532",{"_key":23},"CVE-2017-16537",{"_key":25},"CVE-2017-16645",{"_key":27},"CVE-2017-16646",{"_key":29},"CVE-2017-16647",{"_key":31},"CVE-2017-16649",{"_key":33},"CVE-2017-16650",{"_key":35},"CVE-2017-16994",{"_key":37},"CVE-2017-17448",{"_key":39},"CVE-2017-17450",{"_key":41},"CVE-2017-17741",{"_key":43},"CVE-2017-17805",{"_key":45},"CVE-2017-17806",{"_key":47},"CVE-2017-17807",{"_key":49},"CVE-2017-18204",{"_key":51},"CVE-2018-1000026",{"_key":53},"CVE-2018-5332",{"_key":55},"CVE-2018-5333",{"_key":57},"CVE-2018-5344",{"_key":59},"UBUNTU-CVE-2017-0861",{"_key":61},"UBUNTU-CVE-2017-1000407",{"_key":63},"UBUNTU-CVE-2017-15129",{"_key":65},"UBUNTU-CVE-2017-16532",{"_key":67},"UBUNTU-CVE-2017-16537",{"_key":69},"UBUNTU-CVE-2017-16645",{"_key":71},"UBUNTU-CVE-2017-16646",{"_key":73},"UBUNTU-CVE-2017-16647",{"_key":75},"UBUNTU-CVE-2017-16649",{"_key":77},"UBUNTU-CVE-2017-16650",{"_key":79},"UBUNTU-CVE-2017-16994",{"_key":81},"UBUNTU-CVE-2017-17448",{"_key":83},"UBUNTU-CVE-2017-17450",{"_key":85},"UBUNTU-CVE-2017-17741",{"_key":87},"UBUNTU-CVE-2017-17805",{"_key":89},"UBUNTU-CVE-2017-17806",{"_key":91},"UBUNTU-CVE-2017-17807",{"_key":93},"UBUNTU-CVE-2017-18204",{"_key":95},"UBUNTU-CVE-2018-1000026",{"_key":97},"UBUNTU-CVE-2018-5332",{"_key":99},"UBUNTU-CVE-2018-5333",{"_key":101},"UBUNTU-CVE-2018-5344",[],[],[105,106,107,108,109,110,111,112,113,114,115,116,117,118,119,120,121,122,123,124
,125,126],{"_key":73},{"_key":61},{"_key":63},{"_key":69},{"_key":77},{"_key":79},{"_key":81},{"_key":83},{"_key":87},{"_key":91},{"_key":99},{"_key":59},{"_key":65},{"_key":67},{"_key":71},{"_key":75},{"_key":85},{"_key":89},{"_key":93},{"_key":95},{"_key":97},{"_key":101},"2018-04-03T19:40:58.682185Z","2026-02-04T02:19:08.115496Z",{"cisa_kev":130,"cisa_ransomware":130,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[132,138,143,147,151,155,159,163,167,171,175,179,183,187,191,195,199,203,207,211,215,219,223],{"url":133,"sources":134,"tags":136},"https://ubuntu.com/security/notices/USN-3617-2",[135],"osv_ubuntu",[137],"Advisory",{"url":139,"sources":140,"tags":141},"https://ubuntu.com/security/CVE-2017-0861",[135],[142],"REPORT",{"url":144,"sources":145,"tags":146},"https://ubuntu.com/security/CVE-2017-15129",[135],[142],{"url":148,"sources":149,"tags":150},"https://ubuntu.com/security/CVE-2017-16532",[135],[142],{"url":152,"sources":153,"tags":154},"https://ubuntu.com/security/CVE-2017-16537",[135],[142],{"url":156,"sources":157,"tags":158},"https://ubuntu.com/security/CVE-2017-16645",[135],[142],{"url":160,"sources":161,"tags":162},"https://ubuntu.com/security/CVE-2017-16646",[135],[142],{"url":164,"sources":165,"tags":166},"https://ubuntu.com/security/CVE-2017-16647",[135],[142],{"url":168,"sources":169,"tags":170},"https://ubuntu.com/security/CVE-2017-16649",[135],[142],{"url":172,"sources":173,"tags":174},"https://ubuntu.com/security/CVE-2017-16650",[135],[142],{"url":176,"sources":177,"tags":178},"https://ubuntu.com/security/CVE-2017-16994",[135],[142],{"url":180,"sources":181,"tags":182},"https://ubuntu.com/security/CVE-2017-17448",[135],[142],{"url":184,"sources":185,"tags":186},"https://ubuntu.com/security/CVE-2017-17450",[135],[142],{"url":188,"sources":189,"tags":190},"https://ubuntu.com/security/CVE-2017-17741",[135],[142],{"url":192,"
sources":193,"tags":194},"https://ubuntu.com/security/CVE-2017-17805",[135],[142],{"url":196,"sources":197,"tags":198},"https://ubuntu.com/security/CVE-2017-17806",[135],[142],{"url":200,"sources":201,"tags":202},"https://ubuntu.com/security/CVE-2017-17807",[135],[142],{"url":204,"sources":205,"tags":206},"https://ubuntu.com/security/CVE-2017-18204",[135],[142],{"url":208,"sources":209,"tags":210},"https://ubuntu.com/security/CVE-2017-1000407",[135],[142],{"url":212,"sources":213,"tags":214},"https://ubuntu.com/security/CVE-2018-5332",[135],[142],{"url":216,"sources":217,"tags":218},"https://ubuntu.com/security/CVE-2018-5333",[135],[142],{"url":220,"sources":221,"tags":222},"https://ubuntu.com/security/CVE-2018-5344",[135],[142],{"url":224,"sources":225,"tags":226},"https://ubuntu.com/security/CVE-2018-1000026",[135],[142],[],[],[],[231,243,249],{"ecosystem":232,"name":233,"vendor":234,"product":233,"cpe_part":9,"purl_type":235,"purl_namespace":234,"purl_name":233,"source":9,"versions":236},"Ubuntu","linux-gcp","ubuntu","deb",[237],{"version":238,"is_range":239,"range_type":240,"version_start":9,"version_start_type":9,"version_end":241,"version_end_type":242,"fixed_in":9},"lt4_13_0_1012_16",true,"ecosystem","4.13.0-1012.16","excluding",{"ecosystem":232,"name":244,"vendor":234,"product":244,"cpe_part":9,"purl_type":235,"purl_namespace":234,"purl_name":244,"source":9,"versions":245},"linux-hwe",[246],{"version":247,"is_range":239,"range_type":240,"version_start":9,"version_start_type":9,"version_end":248,"version_end_type":242,"fixed_in":9},"lt4_13_0_38_43~16_04_1","4.13.0-38.43~16.04.1",{"ecosystem":232,"name":250,"vendor":234,"product":250,"cpe_part":9,"purl_type":235,"purl_namespace":234,"purl_name":250,"source":9,"versions":251},"linux-oem",[252],{"version":253,"is_range":239,"range_type":240,"version_start":9,"version_start_type":9,"version_end":254,"version_end_type":242,"fixed_in":9},"lt4_13_0_1022_24","4.13.0-1022.24"]