vulnerability

Ubuntu: (Multiple Advisories) (CVE-2017-17863): Linux kernel vulnerabilities

Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
2017-12-27
Added
2018-01-09
Modified
2025-04-25

Description

Jann Horn discovered that microprocessors utilizing speculative execution
and indirect branch prediction may allow unauthorized memory reads via
sidechannel attacks. This flaw is known as Meltdown. A local attacker could
use this to expose sensitive information, including kernel memory.
(CVE-2017-5754)

Jann Horn discovered that the Berkeley Packet Filter (BPF) implementation
in the Linux kernel did not properly check the relationship between pointer
values and the BPF stack. A local attacker could use this to cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2017-17863)

Jann Horn discovered that the Berkeley Packet Filter (BPF) implementation
in the Linux kernel improperly performed sign extension in some situations.
A local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2017-16995)

Alexei Starovoitov discovered that the Berkeley Packet Filter (BPF)
implementation in the Linux kernel contained a branch-pruning logic issue
around unreachable code. A local attacker could use this to cause a denial
of service. (CVE-2017-17862)

Jann Horn discovered that the Berkeley Packet Filter (BPF) implementation
in the Linux kernel mishandled pointer data values in some situations. A
local attacker could use this to to expose sensitive information (kernel
memory). (CVE-2017-17864)

Solution(s)

ubuntu-upgrade-linux-image-4-13-0-1005-azureubuntu-upgrade-linux-image-4-13-0-1006-gcpubuntu-upgrade-linux-image-4-13-0-1011-raspi2ubuntu-upgrade-linux-image-4-13-0-1015-oemubuntu-upgrade-linux-image-4-13-0-25-genericubuntu-upgrade-linux-image-4-13-0-25-lowlatencyubuntu-upgrade-linux-image-4-13-0-26-genericubuntu-upgrade-linux-image-4-13-0-26-generic-lpaeubuntu-upgrade-linux-image-4-13-0-26-lowlatencyubuntu-upgrade-linux-image-azureubuntu-upgrade-linux-image-gcpubuntu-upgrade-linux-image-genericubuntu-upgrade-linux-image-generic-hwe-16-04ubuntu-upgrade-linux-image-generic-lpae-hwe-16-04ubuntu-upgrade-linux-image-gkeubuntu-upgrade-linux-image-lowlatencyubuntu-upgrade-linux-image-lowlatency-hwe-16-04ubuntu-upgrade-linux-image-oemubuntu-upgrade-linux-image-raspi2
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.