Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2017-1000255

EPSS 0.05% · P15
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2017-1000255

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
On Linux running on PowerPC hardware (Power8 or later) a user process can craft a signal frame and then do a sigreturn so that the kernel will take an exception (interrupt), and use the r1 value *from the signal frame* as the kernel stack pointer. As part of the exception entry the content of the signal frame is written to the kernel stack, allowing an attacker to overwrite arbitrary locations with arbitrary values. The exception handling does produce an oops, and a panic if panic_on_oops=1, but only after kernel memory has been over written. This flaw was introduced in commit: "5d176f751ee3 (powerpc: tm: Enable transactional memory (TM) lazily for userspace)" which was merged upstream into v4.9-rc1. Please note that kernels built with CONFIG_PPC_TRANSACTIONAL_MEM=n are not vulnerable.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Power8 Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel on Power8是美国Linux基金会发布的运行在Power8(一种精简指令集架构的CPU)中的操作系统Linux所使用的内核。 Power8及之后的版本中的PowerPC固件的Linux kernel的signal frame的处理存在安全漏洞。本地攻击者可借助任意值利用该漏洞覆盖任意位置或造成拒绝服务。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2017-1000255

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2017-1000255

登录查看更多情报信息。

Same Patch Batch · n/a · 2017-10-30 · 29 CVEs total

CVE-2012-5358Ektron Content Management System 安全漏洞
CVE-2017-9450Amazon Web Services CloudFormation bootstrap工具包安全漏洞
CVE-2017-9377Barco ClickShare CSM-1 Base Unit和ClickShare CSC-1 Base Unit 命令注入漏洞
CVE-2017-7411Enalean Tuleap 安全漏洞
CVE-2017-15597Xen 安全漏洞
CVE-2017-12460Barco ClickShare CSM-1和ClickShare CSC-1 安全漏洞
CVE-2016-3090Apache Struts 2 安全漏洞
CVE-2015-7549QEMU 安全漏洞
CVE-2015-3249Apache Traffic Server 安全漏洞
CVE-2015-0226Apache WSS4J 加密问题漏洞
CVE-2015-0224Apache Qpid 代码问题漏洞
CVE-2014-3624Apache Traffic Server 安全漏洞
CVE-2014-3526Apache Wicket 安全漏洞
CVE-2013-4246Apache Subversion 安全漏洞
CVE-2012-4449Apache Hadoop 安全漏洞
CVE-2012-5357Ektron Content Management System 安全漏洞
CVE-2017-15921WatchDog Anti-Malware和Online Security Pro zam32.sys驱动程序资源管理错误漏洞
CVE-2017-15920WatchDog Anti-Malware和Online Security Pro zam32.sys驱动程序资源管理错误漏洞
CVE-2014-0115Apache Storm 目录遍历漏洞
CVE-2012-0881Apache Xerces2 Java 安全漏洞

Showing top 20 of 29 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2017-1000255

No comments yet

Leave a comment