vulnerability
SUSE: CVE-2017-13695: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:L/Au:N/C:P/I:N/A:N) | 08/25/2017 | 08/09/2024 | 08/09/2024 |
Severity
2
CVSS
(AV:L/AC:L/Au:N/C:P/I:N/A:N)
Published
08/25/2017
Added
08/09/2024
Modified
08/09/2024
Description
The acpi_ns_evaluate() function in drivers/acpi/acpica/nseval.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table.
Solution(s)
suse-upgrade-kernel-debug-basesuse-upgrade-kernel-defaultsuse-upgrade-kernel-default-basesuse-upgrade-kernel-default-develsuse-upgrade-kernel-default-kgraftsuse-upgrade-kernel-default-mansuse-upgrade-kernel-develsuse-upgrade-kernel-docssuse-upgrade-kernel-ec2suse-upgrade-kernel-ec2-basesuse-upgrade-kernel-ec2-develsuse-upgrade-kernel-kvmsmall-basesuse-upgrade-kernel-macrossuse-upgrade-kernel-obs-buildsuse-upgrade-kernel-sourcesuse-upgrade-kernel-symssuse-upgrade-kernel-tracesuse-upgrade-kernel-trace-basesuse-upgrade-kernel-trace-develsuse-upgrade-kernel-vanillasuse-upgrade-kernel-vanilla-basesuse-upgrade-kernel-vanilla-develsuse-upgrade-kernel-vanilla-livepatch-develsuse-upgrade-kernel-xensuse-upgrade-kernel-xen-basesuse-upgrade-kernel-xen-develsuse-upgrade-kernel-zfcpdump-mansuse-upgrade-kgraft-patch-4_4_180-94_164-defaultsuse-upgrade-reiserfs-kmp-default
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.