vulnerability
Amazon Linux AMI: CVE-2017-7533: Security patch for kernel (ALAS-2017-870)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:M/Au:N/C:C/I:C/A:C) | Aug 3, 2017 | Aug 18, 2017 | Oct 14, 2022 |
Severity
7
CVSS
(AV:L/AC:M/Au:N/C:C/I:C/A:C)
Published
Aug 3, 2017
Added
Aug 18, 2017
Modified
Oct 14, 2022
Description
Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions.
Solution
amazon-linux-upgrade-kernel
References
- REDHAT-RHSA-2017:2473
- REDHAT-RHSA-2017:2585
- REDHAT-RHSA-2017:2669
- REDHAT-RHSA-2017:2770
- REDHAT-RHSA-2017:2869
- AMAZON-ALAS-2017-870
- DEBIAN-DSA-3927
- DEBIAN-DSA-3945
- BID-100123
- SECTRACK-1039075
- NVD-CVE-2017-7533
- UBUNTU-USN-3377-1
- UBUNTU-USN-3377-2
- UBUNTU-USN-3378-1
- UBUNTU-USN-3378-2
- UBUNTU-USN-3392-1
- UBUNTU-USN-3392-2
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.