U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2017-17806

Change History

Initial Analysis by NIST 1/08/2018 6:37:32 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
     *cpe:2.3:o:opensuse_project:leap:42.2:*:*:*:*:*:*:*
     *cpe:2.3:o:opensuse_project:leap:42.3:*:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:11:extra:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:12:sp2:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_server_for_raspberry_pi:12:sp2:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions up to (excluding) 4.14.8
Added CVSS V2

								
							
							
						
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Added CVSS V3

								
							
							
						
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Added CWE

								
							
							
						
CWE-119
Changed Reference Type
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=af3ff8045bbf3e32f1a448542e73abb4c8ceb6f1 No Types Assigned
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=af3ff8045bbf3e32f1a448542e73abb4c8ceb6f1 Patch
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html Issue Tracking, Patch, Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html Issue Tracking, Patch, Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html Issue Tracking, Patch, Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html Issue Tracking, Patch, Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html Issue Tracking, Third Party Advisory
Changed Reference Type
http://www.securityfocus.com/bid/102293 No Types Assigned
http://www.securityfocus.com/bid/102293 Third Party Advisory, VDB Entry
Changed Reference Type
https://github.com/torvalds/linux/commit/af3ff8045bbf3e32f1a448542e73abb4c8ceb6f1 No Types Assigned
https://github.com/torvalds/linux/commit/af3ff8045bbf3e32f1a448542e73abb4c8ceb6f1 Patch
Changed Reference Type
https://www.debian.org/security/2017/dsa-4073 No Types Assigned
https://www.debian.org/security/2017/dsa-4073 Third Party Advisory
Changed Reference Type
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.8 No Types Assigned
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.8 Issue Tracking, Release Notes