U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2017-17805

Change History

Initial Analysis by NIST 1/08/2018 6:39:49 PM

Action Type Old Value New Value
Added CVSS V3

								
							
							
						
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Added CVSS V2

								
							
							
						
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Added CWE

								
							
							
						
CWE-20
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
     *cpe:2.3:o:opensuse_project:leap:42.2:*:*:*:*:*:*:*
     *cpe:2.3:o:opensuse_project:leap:42.3:*:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:11:extra:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:12:sp2:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_server_for_raspberry_pi:12:sp2:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions up to (excluding) 4.14.8
Changed Reference Type
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ecaaab5649781c5a0effdaf298a925063020500e No Types Assigned
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ecaaab5649781c5a0effdaf298a925063020500e Patch
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html Third Party Advisory
Changed Reference Type
http://www.securityfocus.com/bid/102291 No Types Assigned
http://www.securityfocus.com/bid/102291 Third Party Advisory, VDB Entry
Changed Reference Type
https://github.com/torvalds/linux/commit/ecaaab5649781c5a0effdaf298a925063020500e No Types Assigned
https://github.com/torvalds/linux/commit/ecaaab5649781c5a0effdaf298a925063020500e Patch
Changed Reference Type
https://www.debian.org/security/2017/dsa-4073 No Types Assigned
https://www.debian.org/security/2017/dsa-4073 Third Party Advisory
Changed Reference Type
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.8 No Types Assigned
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.8 Issue Tracking, Release Notes