From 69a4cb15f006ab6e9678c3489039c3bc1cf4eaa3 Mon Sep 17 00:00:00 2001 From: Sona Sarmadi Date: Mon, 16 Oct 2017 14:20:12 +0200 Subject: security-report: Reviewed and updated. Signed-off-by: Sona Sarmadi --- doc/book-enea-nfv-access-security-report | 41 ++++++++++---------------------- 1 file changed, 13 insertions(+), 28 deletions(-) (limited to 'doc') diff --git a/doc/book-enea-nfv-access-security-report b/doc/book-enea-nfv-access-security-report index 627e433..8e498c3 100644 --- a/doc/book-enea-nfv-access-security-report +++ b/doc/book-enea-nfv-access-security-report 
@@ -154,10 +154,22 @@ Score: 7.5 (High) Description: FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c. Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8105 +CVE-2017-8072 +Package: Kernel +Score: 7.2 (High) +Description: The cp2114_gpio_direction_input function in drivers/hid/hid-cp2112.c in the Linux Kernel 4.9.x before 4.9.9 does not have the expected EIO error status for a zero-length report, which allows local users to have an unspecified impact via unknown vectors. +Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8072 + +CVE-2017-8070 +Package: Kernel +Score: 7.2 (High) +Description: drivers/net/usb/catc.c in the Linux Kernel 4.9.x before 4.9.11 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist. +Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8070 + CVE name: CVE-2017-8069 Package: kernel Score: 7.2 (High) -Description: drivers/net/usb/rtl8150.c in the Linux kernel 4.9.x before 4.9.11 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist. +Description: drivers/net/usb/rtl8150.c in the Linux kernel 4.9.x before 4.9.11 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist. Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8069 CVE name: CVE-2017-8068 
@@ -1527,30 +1539,3 @@ Package: Qemu Score: 8.0 (High) Description: The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section. Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1779 - -CVE name: CVE-2014-9365 -Package: python -Score: 5.8 (Medium) -Description: The HTTP clients in the (1) httplib, (2) urllib, (3) urllib2, and (4) xmlrpclib libraries in CPython (aka Python) 2.x before 2.7.9 and 3.x before 3.4.3, when accessing an HTTPS URL, do not (a) check the certificate against a trust store or verify that the server hostname matches a domain name in the subject's (b) Common Name or (c) subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. -Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9365 - -CVE name: CVE-2014-7840 -Package: Qemu -Score: 8.0(High) -Status EL7: Fixed -Description: The host_from_stream_offset function in arch_init.c in QEMU, when loading RAM during migration, allows remote attackers to execute arbitrary code via a crafted (1) offset or (2) length value in savevm data. -Ref: https://cve.mitre - -CVE name: CVE-2014-5388 -Package: Qemu -Score: 5.0(Medium) -Status EL7: Fixed -Description: Off-by-one error in the pci_read function in the ACPI PCI hotplug interface (hw/acpi/pcihp.c) in QEMU allows local guest users to obtain sensitive information and have other unspecified impact related to a crafted PCI device that triggers memory corruption. -Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5388 - -CVE name: CVE-2014-3615 -Package: Qemu -Score: 2.0(Low) -Status EL7: Fixed -Description: The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution. -Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3615 -- cgit v1.2.3-54-g00ecf
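Review bot: In the first hunk (@@ -154,10 +154,22 @@), the two added entries for CVE-2017-8072 and CVE-2017-8070 do not follow the field layout of the entries around them. They open with a bare identifier instead of "CVE name: CVE-2017-8072", use "Package: Kernel" where the neighbouring CVE-2017-8069 entry has "Package: kernel", and use "Reference:" where every other entry in the context uses "Ref:". Anything that greps or parses the report by those labels will skip the new entries, so I would align them with the existing "CVE name:" / "Package: kernel" / "Ref:" form. Separately, the CVE-2017-8072 description names the function cp2114_gpio_direction_input in drivers/hid/hid-cp2112.c; the prefix does not match the driver file name, so please check it against the referenced CVE entry. The Description line for CVE-2017-8069 is removed and re-added with the same visible text, which looks like a whitespace-only change that could be dropped from the patch.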
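Review bot: In the second hunk (@@ -1527,30 +1539,3 @@), four entries are deleted from the end of the report (CVE-2014-9365, CVE-2014-7840, CVE-2014-5388, CVE-2014-3615) and the commit message says only "Reviewed and updated", so the reason for dropping them is not recorded. Three of the removed entries carried "Status EL7: Fixed", but the python entry for CVE-2014-9365 had no status line, so it is not clear from the patch whether it was removed because it is fixed, not applicable, or out of scope. Please state in the commit message why each is removed (for example, the shipped package version already contains the fix), so a later reader of the security report can tell a resolved issue from one that was simply no longer tracked.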