CVE-2017-17854
Status: Analyzed
Last modified:
07-02-2023
Published:
27-12-2017
7.8
SUMMARY CVE-2017-17854
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (integer overflow and memory corruption) or possibly have unspecified other impact by leveraging unrestricted integer values for pointer arithmetic.
Access CVSS3 CVE-2017-17854
Attack Complexity | Attack Vector | Privileges Required | Scope | User Interaction |
---|---|---|---|---|
LOW | LOCAL | LOW | UNCHANGED | NONE |
Impact CVSS3 CVE-2017-17854
Confidentiality | Integrity | Availability |
---|---|---|
HIGH | HIGH | HIGH |
Details CVE-2017-17854
EPSS | 0.00042 |
---|---|
EPSS % | 0.05068 |
References | |
CWE | CWE-190 |
CAPEC |
|
Vulnerable Configurations |
|
CVSS3 Source | nvd@nist.gov |
CVSS3 Type | Primary |
CVSS3 Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |