CVE-2017-1000407

moderate-risk
Published 2017-12-11

The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic.

Do I need to act?

-
0.46% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.4/10 High
ADJACENT_NETWORK / LOW complexity

Affected Products (17)

Affected Vendors

Canonical Redhat Linux Debian

References (34)

Mailing List http://www.openwall.com/lists/oss-security/2017/12/04/2
Third Party Advisory http://www.securityfocus.com/bid/102038
Third Party Advisory https://access.redhat.com/errata/RHSA-2018:0676
Third Party Advisory https://access.redhat.com/errata/RHSA-2018:1062
https://access.redhat.com/errata/RHSA-2019:1170
Third Party Advisory https://access.redhat.com/security/cve/cve-2017-1000407
Mailing List https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html
Third Party Advisory https://usn.ubuntu.com/3583-1/
Third Party Advisory https://usn.ubuntu.com/3583-2/
Third Party Advisory https://usn.ubuntu.com/3617-1/
Third Party Advisory https://usn.ubuntu.com/3617-2/
Third Party Advisory https://usn.ubuntu.com/3619-1/
Third Party Advisory https://usn.ubuntu.com/3619-2/
Third Party Advisory https://usn.ubuntu.com/3632-1/
Third Party Advisory https://www.debian.org/security/2017/dsa-4073
Third Party Advisory https://www.debian.org/security/2018/dsa-4082
Patch https://www.spinics.net/lists/kvm/msg159809.html
Mailing List http://www.openwall.com/lists/oss-security/2017/12/04/2
Third Party Advisory http://www.securityfocus.com/bid/102038
Third Party Advisory https://access.redhat.com/errata/RHSA-2018:0676
and 14 more references
44
/ 100
moderate-risk
Severity 23/34 · High
Exploitability 2/34 · Minimal
Exposure 19/34 · Moderate