CVE-2017-7889 in Linuxinfo

Zusammenfassung

von MITRE

The mm subsystem in the Linux kernel through 4.10.10 does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application that opens the /dev/mem file, related to arch/x86/mm/init.c and drivers/char/mem.c.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

16.04.2017

Veröffentlichung

16.04.2017

Moderieren

akzeptiert

Eintrag

VDB-99909

CPE

bereit

CWE

CWE-284 (bestätigt)

CVSS

7.8 (NVD)

EPSS

0.00031

KEV

nein

Aktivitäten

very low

Sektor

Chemical, Transportation, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-7889
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-7889
CVE Details	https://www.cvedetails.com/cve/CVE-2017-7889/

◂ Zurück Übersicht Weiter ▸

Interested in the pricing of exploits?

See the underground prices here!