Vulnerabilities > Debian > Debian Linux

DATE CVE VULNERABILITY TITLE RISK
2017-12-27 CVE-2017-17863 Integer Overflow or Wraparound vulnerability in multiple products
kernel/bpf/verifier.c in the Linux kernel 4.9.x through 4.9.71 does not check the relationship between pointer values and the BPF stack, which allows local users to cause a denial of service (integer overflow or invalid memory access) or possibly have unspecified other impact.
local
low complexity
linux debian CWE-190
7.8
2017-12-27 CVE-2017-17862 Improper Input Validation vulnerability in multiple products
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers.
local
low complexity
linux debian CWE-20
5.5
2017-12-27 CVE-2017-17857 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The check_stack_boundary function in kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of invalid variable stack read operations.
local
low complexity
linux debian CWE-119
7.8
2017-12-27 CVE-2017-17856 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the lack of stack-pointer alignment enforcement.
local
low complexity
linux debian CWE-119
7.8
2017-12-27 CVE-2017-17855 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging improper use of pointers in place of scalars.
local
low complexity
linux debian CWE-119
7.8
2017-12-27 CVE-2017-17854 Integer Overflow or Wraparound vulnerability in multiple products
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (integer overflow and memory corruption) or possibly have unspecified other impact by leveraging unrestricted integer values for pointer arithmetic.
local
low complexity
linux debian CWE-190
7.8
2017-12-27 CVE-2017-17853 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect BPF_RSH signed bounds calculations.
local
low complexity
linux debian CWE-119
7.8
2017-12-27 CVE-2017-17852 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of 32-bit ALU ops.
local
low complexity
linux debian CWE-119
7.8
2017-12-27 CVE-2017-17848 Improper Verification of Cryptographic Signature vulnerability in multiple products
An issue was discovered in Enigmail before 1.9.9.
network
low complexity
enigmail debian CWE-347
7.5
2017-12-27 CVE-2017-17847 Improper Verification of Cryptographic Signature vulnerability in multiple products
An issue was discovered in Enigmail before 1.9.9.
network
low complexity
enigmail debian CWE-347
7.5