Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2017-1000369

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-19 Jun, 2017 | 16:00
Updated At-05 Aug, 2024 | 22:00
Rejected At-
Credits

Exim supports the use of multiple "-p" command line arguments which are malloc()'ed and never free()'ed, used in conjunction with other issues allows attackers to cause arbitrary code execution. This affects exim version 4.89 and earlier. Please note that at this time upstream has released a patch (commit 65e061b76867a9ea7aeeb535341b790b90ae6c21), but it is not known if a new point release is available that addresses this issue at this time.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:19 Jun, 2017 | 16:00
Updated At:05 Aug, 2024 | 22:00
Rejected At:
▼CVE Numbering Authority (CNA)

Exim supports the use of multiple "-p" command line arguments which are malloc()'ed and never free()'ed, used in conjunction with other issues allows attackers to cause arbitrary code execution. This affects exim version 4.89 and earlier. Please note that at this time upstream has released a patch (commit 65e061b76867a9ea7aeeb535341b790b90ae6c21), but it is not known if a new point release is available that addresses this issue at this time.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/Exim/exim/commit/65e061b76867a9ea7aeeb535341b790b90ae6c21
x_refsource_MISC
http://www.securitytracker.com/id/1038779
vdb-entry
x_refsource_SECTRACK
http://www.securityfocus.com/bid/99252
vdb-entry
x_refsource_BID
https://access.redhat.com/security/cve/CVE-2017-1000369
x_refsource_CONFIRM
https://security.gentoo.org/glsa/201709-19
vendor-advisory
x_refsource_GENTOO
https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
x_refsource_MISC
http://www.debian.org/security/2017/dsa-3888
vendor-advisory
x_refsource_DEBIAN
Hyperlink: https://github.com/Exim/exim/commit/65e061b76867a9ea7aeeb535341b790b90ae6c21
Resource:
x_refsource_MISC
Hyperlink: http://www.securitytracker.com/id/1038779
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://www.securityfocus.com/bid/99252
Resource:
vdb-entry
x_refsource_BID
Hyperlink: https://access.redhat.com/security/cve/CVE-2017-1000369
Resource:
x_refsource_CONFIRM
Hyperlink: https://security.gentoo.org/glsa/201709-19
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
Resource:
x_refsource_MISC
Hyperlink: http://www.debian.org/security/2017/dsa-3888
Resource:
vendor-advisory
x_refsource_DEBIAN
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/Exim/exim/commit/65e061b76867a9ea7aeeb535341b790b90ae6c21
x_refsource_MISC
x_transferred
http://www.securitytracker.com/id/1038779
vdb-entry
x_refsource_SECTRACK
x_transferred
http://www.securityfocus.com/bid/99252
vdb-entry
x_refsource_BID
x_transferred
https://access.redhat.com/security/cve/CVE-2017-1000369
x_refsource_CONFIRM
x_transferred
https://security.gentoo.org/glsa/201709-19
vendor-advisory
x_refsource_GENTOO
x_transferred
https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
x_refsource_MISC
x_transferred
http://www.debian.org/security/2017/dsa-3888
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: https://github.com/Exim/exim/commit/65e061b76867a9ea7aeeb535341b790b90ae6c21
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.securitytracker.com/id/1038779
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://www.securityfocus.com/bid/99252
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: https://access.redhat.com/security/cve/CVE-2017-1000369
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://security.gentoo.org/glsa/201709-19
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.debian.org/security/2017/dsa-3888
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:19 Jun, 2017 | 16:29
Updated At:20 Apr, 2025 | 01:37

Exim supports the use of multiple "-p" command line arguments which are malloc()'ed and never free()'ed, used in conjunction with other issues allows attackers to cause arbitrary code execution. This affects exim version 4.89 and earlier. Please note that at this time upstream has released a patch (commit 65e061b76867a9ea7aeeb535341b790b90ae6c21), but it is not known if a new point release is available that addresses this issue at this time.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.14.0MEDIUM
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Primary2.02.1LOW
AV:L/AC:L/Au:N/C:N/I:P/A:N
Type: Primary
Version: 3.1
Base score: 4.0
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Type: Primary
Version: 2.0
Base score: 2.1
Base severity: LOW
Vector:
AV:L/AC:L/Au:N/C:N/I:P/A:N
CPE Matches
Exim
exim
>>exim>>Versions up to 4.87.1(inclusive)
cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*
Exim
exim
>>exim>>4.88
cpe:2.3:a:exim:exim:4.88:-:*:*:*:*:*:*
Exim
exim
>>exim>>4.88
cpe:2.3:a:exim:exim:4.88:rc1:*:*:*:*:*:*
Exim
exim
>>exim>>4.88
cpe:2.3:a:exim:exim:4.88:rc2:*:*:*:*:*:*
Exim
exim
>>exim>>4.88
cpe:2.3:a:exim:exim:4.88:rc3:*:*:*:*:*:*
Exim
exim
>>exim>>4.88
cpe:2.3:a:exim:exim:4.88:rc4:*:*:*:*:*:*
Exim
exim
>>exim>>4.88
cpe:2.3:a:exim:exim:4.88:rc5:*:*:*:*:*:*
Exim
exim
>>exim>>4.88
cpe:2.3:a:exim:exim:4.88:rc6:*:*:*:*:*:*
Exim
exim
>>exim>>4.89
cpe:2.3:a:exim:exim:4.89:-:*:*:*:*:*:*
Exim
exim
>>exim>>4.89
cpe:2.3:a:exim:exim:4.89:rc1:*:*:*:*:*:*
Exim
exim
>>exim>>4.89
cpe:2.3:a:exim:exim:4.89:rc2:*:*:*:*:*:*
Exim
exim
>>exim>>4.89
cpe:2.3:a:exim:exim:4.89:rc3:*:*:*:*:*:*
Exim
exim
>>exim>>4.89
cpe:2.3:a:exim:exim:4.89:rc4:*:*:*:*:*:*
Exim
exim
>>exim>>4.89
cpe:2.3:a:exim:exim:4.89:rc5:*:*:*:*:*:*
Exim
exim
>>exim>>4.89
cpe:2.3:a:exim:exim:4.89:rc6:*:*:*:*:*:*
Exim
exim
>>exim>>4.89
cpe:2.3:a:exim:exim:4.89:rc7:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>8.0
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>9.0
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-404Primarynvd@nist.gov
CWE ID: CWE-404
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.debian.org/security/2017/dsa-3888cve@mitre.org
Third Party Advisory
http://www.securityfocus.com/bid/99252cve@mitre.org
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038779cve@mitre.org
Third Party Advisory
VDB Entry
https://access.redhat.com/security/cve/CVE-2017-1000369cve@mitre.org
Vendor Advisory
https://github.com/Exim/exim/commit/65e061b76867a9ea7aeeb535341b790b90ae6c21cve@mitre.org
Mitigation
Third Party Advisory
https://security.gentoo.org/glsa/201709-19cve@mitre.org
Third Party Advisory
https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txtcve@mitre.org
Third Party Advisory
http://www.debian.org/security/2017/dsa-3888af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.securityfocus.com/bid/99252af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038779af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
https://access.redhat.com/security/cve/CVE-2017-1000369af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
https://github.com/Exim/exim/commit/65e061b76867a9ea7aeeb535341b790b90ae6c21af854a3a-2127-422b-91ae-364da2661108
Mitigation
Third Party Advisory
https://security.gentoo.org/glsa/201709-19af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txtaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Hyperlink: http://www.debian.org/security/2017/dsa-3888
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/99252
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securitytracker.com/id/1038779
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://access.redhat.com/security/cve/CVE-2017-1000369
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: https://github.com/Exim/exim/commit/65e061b76867a9ea7aeeb535341b790b90ae6c21
Source: cve@mitre.org
Resource:
Mitigation
Third Party Advisory
Hyperlink: https://security.gentoo.org/glsa/201709-19
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.debian.org/security/2017/dsa-3888
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/99252
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securitytracker.com/id/1038779
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://access.redhat.com/security/cve/CVE-2017-1000369
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: https://github.com/Exim/exim/commit/65e061b76867a9ea7aeeb535341b790b90ae6c21
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mitigation
Third Party Advisory
Hyperlink: https://security.gentoo.org/glsa/201709-19
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

61Records found
CVE-2020-8619
Matching Score-6
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-6
Assigner-Internet Systems Consortium (ISC)
CVSS Score-4.9||MEDIUM
EPSS-9.97% / 92.74%
||
7 Day CHG~0.00%
Published-17 Jun, 2020 | 21:20
Updated-17 Sep, 2024 | 03:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
A buffer boundary check assertion in rdataset.c can fail incorrectly during zone transfer

In ISC BIND9 versions BIND 9.11.14 -> 9.11.19, BIND 9.14.9 -> 9.14.12, BIND 9.16.0 -> 9.16.3, BIND Supported Preview Edition 9.11.14-S1 -> 9.11.19-S1: Unless a nameserver is providing authoritative service for one or more zones and at least one zone contains an empty non-terminal entry containing an asterisk ("*") character, this defect cannot be encountered. A would-be attacker who is allowed to change zone content could theoretically introduce such a record in order to exploit this condition to cause denial of service, though we consider the use of this vector unlikely because any such attack would require a significant privilege level and be easily traceable.

Action-Not Available
Vendor-openSUSEFedora ProjectNetApp, Inc.Canonical Ltd.Debian GNU/LinuxInternet Systems Consortium, Inc.
Product-ubuntu_linuxdebian_linuxfedorabindleapsteelstore_cloud_integrated_storageBIND9
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2021-1093
Matching Score-6
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-6
Assigner-NVIDIA Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.07% / 21.20%
||
7 Day CHG~0.00%
Published-22 Jul, 2021 | 00:00
Updated-03 Aug, 2024 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of service or system crash.

Action-Not Available
Vendor-Debian GNU/LinuxNVIDIA Corporation
Product-debian_linuxgpu_display_driverNVIDIA GPU Display Driver
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2020-0549
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.12% / 31.99%
||
7 Day CHG~0.00%
Published-28 Jan, 2020 | 00:03
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-Intel CorporationDebian GNU/LinuxCanonical Ltd.openSUSEFedora Project
Product-xeon_e3-1501m_firmwarexeon_6126xeon_8276_firmwarepentium_g4500_firmwarexeon_5222xeon_w-3245mceleron_3955u_firmwarexeon_6154_firmwarexeon_5215l_firmwarepentium_4415ycore_i3-6300xeon_8180_firmwarecore_i3-6100e_firmwarecore_i3-8350k_firmwarexeon_5218txeon_e-2124g_firmwarecore_i7-9700kfcore_i7-7640xcore_i5-8305g_firmwarecore_i5-7500_firmwarexeon_5220_firmwarecore_i9-10940xcore_i5-8400hxeon_e-2254me_firmwarecore_i7_8500yceleron_g3940xeon_w-2125xeon_5118_firmwarexeon_6262vcore_i5-7y54xeon_8160txeon_e3-1535m_firmwarexeon_8170_firmwarecore_i3-7007u_firmwarecore_i7-6650u_firmwarecore_i9-9900kfxeon_5215_firmwarepentium_g4400tceleron_g3920t_firmwarexeon_6128_firmwarecore_i7-8670xeon_w-2255core_i3-8145uxeon_6246core_i7_10510ycore_i7-6822eqxeon_8160m_firmwarecore_i9-9940x_firmwarecore_i5-7210u_firmwarecore_i3-7020ucore_i7-6700texeon_e3-1285_firmwarecore_i7-6567u_firmwarexeon_5218_firmwarecore_i9-7920xcore_i7-7600uxeon_6142mcore_i5-9400f_firmwarexeon_e-2224xeon_e-2184g_firmwarecore_i5-7y57_firmwarecore_i3-6100t_firmwarexeon_9222core_i3-7100e_firmwarecore_i3-7100ecore_i9-7940x_firmwarexeon_e3-1275_firmwarecore_i5-6442eq_firmwarecore_i5-6287u_firmwarexeon_e-2134_firmwarexeon_3104xeon_6142fcore_m5-6y54xeon_w-2245core_i5-6600kxeon_6252n_firmwarepentium_g5400_firmwarecore_i3-7120t_firmwareceleron_g3940_firmwarexeon_8260lxeon_6242_firmwarecore_i7-7600u_firmwarepentium_g4520_firmwarecore_i5-8400bxeon_4214xeon_e3-1285pentium_g4420xeon_6152core_i7-7820hkcore_i5-6500te_firmwarexeon_8260_firmwarexeon_4116t_firmwarecore_i9-9940xcore_i5-8550xeon_6134mcore_i5-8400h_firmwarexeon_e-2184gcore_i7-6970hqxeon_6140_firmwarecore_i9-9820x_firmwarecore_i5-7500ucore_i3-6120tcore_i5-8600xeon_6240ypentium_g5420_firmwarexeon_4214yceleron_g3930teceleron_3865u_firmwarecore_i7-9700kxeon_3206r_firmwarecore_i5-9400_firmwarexeon_e3-1225celeron_3865ucore_i7-7740x_firmwarexeon_w-2265core_i3-8100xeon_8156pentium_g4520t_firmwarecore_m7-6y75xeon_w-2245_firmwarexeon_e3-1270_firmwarecore_i5-6600t_firmwareceleron_g4900tcore_m3-6y30fedoraceleron_3855u_firmwarecore_i5-7287u_firmwarecore_i7-7700celeron_g3900te_firmwarexeon_8153_firmwarepentium_g5600_firmwarecore_i7-7820hq_firmwarecore_i3-7102ecore_i7-7920hq_firmwarecore_i5-8600kxeon_4114t_firmwarexeon_e-2124_firmwarecore_i7-8700k_firmwarexeon_5218n_firmwarexeon_w-2223_firmwarecore_i7-8700_firmwarexeon_e3-1220core_i7-8750hceleron_g3900_firmwarecore_i5-8365ucore_i9-9960x_firmwarecore_i5-9600kfcore_i5-8500b_firmwarexeon_4109t_firmwarepentium_4410ycore_i3-7100u_firmwarexeon_8164core_i5-7600core_i3-6100h_firmwarecore_i9-7940xxeon_5118pentium_g5400txeon_w-3265_firmwarecore_i9-9960xxeon_6230n_firmwarecore_i3-7120_firmwarexeon_w-2195core_i7-7820eq_firmwarexeon_5218ncore_i5-8550_firmwarexeon_w-3235_firmwarecore_i3-8300core_i5-7400tcore_i5-7267u_firmwarexeon_e3-1535mpentium_4415y_firmwarexeon_e3-1505m_firmwarexeon_6226_firmwarexeon_e-2174gxeon_5215mcore_i7-8809gxeon_8160fxeon_4214_firmwarecore_i7-8700bcore_i5-8420_firmwarecore_i5-7260uxeon_w-2145_firmwarecore_i3-8000t_firmwarecore_i7_8560u_firmwarecore_i7-7500u_firmwarepentium_g5420tcore_i5-7267uxeon_6130f_firmwarecore_i7-7800xxeon_6146_firmwarexeon_6154xeon_6238_firmwarecore_i3-8020_firmwarexeon_4116xeon_5220r_firmwarecore_i7-7820hk_firmwarecore_i9-9900kf_firmwarecore_i7-6560uxeon_w-2123xeon_w-3275mxeon_e3-1505lpentium_g4420txeon_4112_firmwarecore_i5-8300hcore_i5-8600t_firmwarexeon_6252xeon_8180mxeon_6130txeon_6136xeon_4116_firmwarecore_i5-6600_firmwarexeon_6242xeon_8270_firmwarexeon_5120txeon_8160pentium_g4400_firmwarexeon_8158_firmwarecore_i3-7110u_firmwarexeon_6230t_firmwarecore_i5-7300u_firmwarecore_i5-8600_firmwarecore_i5-9600kf_firmwarecore_i7-7510u_firmwarexeon_e-2224_firmwarecore_i7-9750hfceleron_g4920core_i5-9300h_firmwarexeon_6244xeon_e-2274gcore_i3-6167uxeon_6230nxeon_6252ncore_i5-8400b_firmwarecore_i9-9800x_firmwarexeon_6130_firmwarexeon_9221_firmwarecore_i7-6700t_firmwarecore_i3-8100_firmwarecore_i7-7740xxeon_e3-1240_firmwarecore_i7-6500ucore_i3-7110ucore_i7-6500u_firmwarecore_i3-8120xeon_8276l_firmwareceleron_g3902exeon_e-2124core_i9-9880hxeon_6144_firmwarecore_i5-7287ucore_i5-8500t_firmwaredebian_linuxcore_i3-7100h_firmwarecore_i5-8300h_firmwarexeon_6238t_firmwarexeon_4214cxeon_6238core_i5-6300uxeon_5215r_firmwarecore_i7-8565uxeon_4210_firmwarexeon_5218b_firmwarexeon_6134m_firmwarexeon_6238l_firmwarexeon_4108_firmwarecore_i5-7300hq_firmwarexeon_9282_firmwarexeon_e-2274g_firmwarexeon_e3-1245core_i5-7300hqcore_i7-8706g_firmwarecore_i7-7560uxeon_w-2133_firmwarecore_i5-6600k_firmwarecore_i3-6110u_firmwarexeon_5222_firmwarecore_i5-7400t_firmwarecore_i3-6100hcore_i3-8100t_firmwarecore_i5-6200u_firmwarexeon_6138f_firmwarexeon_8276xeon_6226xeon_w-3265m_firmwarexeon_6148_firmwarexeon_8164_firmwarecore_i7-8850h_firmwarecore_m7-6y75_firmwarecore_i7-6700hqpentium_g4500t_firmwarexeon_5218t_firmwarecore_i7-9700kf_firmwarecore_i9-7900x_firmwarecore_i7-7800x_firmwarexeon_w-2225_firmwarecore_i7-9850h_firmwarexeon_6150core_i5-6350hqxeon_5120xeon_8280l_firmwarecore_i7-6660u_firmwarecore_i5-7600txeon_8276mcore_i5405u_firmwarecore_i9-9820xcore_i3-6100te_firmwarexeon_6126f_firmwarexeon_9222_firmwarexeon_w-2155core_i5-6350hq_firmwarexeon_8260l_firmwarecore_i7-7500ucore_i7-8550uxeon_9242_firmwareubuntu_linuxxeon_e-2224gxeon_w-2135core_i3-6120_firmwarexeon_e3-1505mcore_i5-6310u_firmwarexeon_w-2145xeon_8276lcore_i5-6400_firmwarecore_i7-6650ucore_i7_8650ucore_i9-9900x_firmwarecore_i5_10110y_firmwarecore_i5-9300hcore_i5-6210uxeon_e3-1240xeon_4210rpentium_g5420core_i3-7167u_firmwarecore_i9-10920x_firmwarepentium_g5500_firmwarecore_i7-8665u_firmwarecore_i3-7167ucore_i3-6100tcore_i5-9400hleapcore_i7-7567uxeon_w-2295_firmwarecore_i3-8145u_firmwarepentium_4405u_firmwarexeon_6126fcore_i7_10510y_firmwarecore_i3-7340_firmwarexeon_8268_firmwarecore_i7-7660u_firmwarexeon_4216rpentium_g5500tcore_i7-7820hqcore_i5-6260u_firmwareceleron_g3920txeon_8156_firmwarexeon_6126txeon_4215core_i7-8750h_firmwarexeon_3106core_i3-6100ecore_i3-8300t_firmwarecore_i5-7400_firmwarexeon_e3-1280xeon_5220s_firmwareceleron_3955ucore_i7-9700k_firmwarexeon_6240_firmwarexeon_4214y_firmwarexeon_5115core_i5-7y54_firmwarexeon_5215pentium_4405y_firmwarecore_i7-6567uxeon_6130fxeon_e-2174g_firmwarecore_i3-7101exeon_8180xeon_6138fxeon_6238lcore_i9-7900xcore_i9-8950hk_firmwarecore_i5-8500xeon_4209tcore_i7-6870hq_firmwarexeon_w-3223core_i3-8000_firmwarecore_i5-7600_firmwarexeon_w-3275m_firmwarecore_i7-7510uxeon_w-2235_firmwarecore_i5-6267u_firmwarexeon_6140mcore_i5-8265uxeon_5115_firmwarexeon_e-2254mexeon_6240xeon_w-3235core_i3-7007ucore_i5-6300hqcore_i3-6110uxeon_6142f_firmwarexeon_6148f_firmwarecore_i5-6440hqcore_i7-7y75xeon_8176mxeon_w-2225xeon_6252_firmwarecore_i7-7560u_firmwarexeon_w-2133core_i7-6700core_i5-7y57celeron_g3920_firmwarexeon_4108core_i3-8350kcore_i7_8560ucore_i5-7500tcore_i5-9600k_firmwarexeon_e-2224g_firmwarecore_i7_8500y_firmwarecore_i3-6102e_firmwarexeon_6240m_firmwarexeon_e3-1230_firmwarexeon_w-2223xeon_4214c_firmwarecore_i9-7920x_firmwarecore_i7-8705gcore_i7-7700kpentium_g4540_firmwarecore_i7-8665ucore_i4205ucore_i3-8300txeon_6240y_firmwarecore_i7-7660ucore_i7-6600ucore_i3-6100u_firmwarecore_i3-8120_firmwarecore_i7-8706gxeon_w-3225xeon_4215_firmwarecore_i9-9880h_firmwarecore_i7-8700t_firmwarexeon_5220t_firmwarecore_i9-7960x_firmwarepentium_g5500t_firmwarecore_i7-8700core_i5-7500u_firmwarexeon_e3-1501lcore_i3-6300txeon_6238mcore_i5-6310ucore_i3-7130u_firmwarexeon_w-2155_firmwarecore_i5-8400core_i3-6120xeon_4110_firmwarecore_i7-8705g_firmwarecore_i7-7700txeon_w-3225_firmwarexeon_9282xeon_w-2295core_i5-7260u_firmwarecore_i7-6600u_firmwarecore_i5-7600k_firmwarecore_i7-6770hqxeon_w-3245m_firmwarecore_i7-8700kxeon_9220_firmwarexeon_6262v_firmwarexeon_5220core_i7_8550ucore_i5-8600k_firmwarecore_i5-7200u_firmwarecore_i5-7442eqxeon_e-2134xeon_e-2284g_firmwarexeon_5120t_firmwarepentium_g4500txeon_4116tcore_i7_8550u_firmwarecore_i5-7442eq_firmwarecore_i7_8559uxeon_8170m_firmwarecore_i7-8569u_firmwarexeon_e-2144g_firmwarexeon_5122xeon_9242xeon_4208xeon_6246_firmwarexeon_5218bcore_i5-7360u_firmwarexeon_w-2275_firmwarexeon_6144xeon_6230txeon_8280_firmwarecore_i5-6442eqxeon_6254core_i5-8420tcore_i9-7960xcore_i5-9600kcore_i7-7820xceleron_g3900core_i3-6300_firmwarecore_i5_10110ycore_i7-7640x_firmwarecore_i7-7700hqpentium_g5600xeon_6142_firmwarecore_i9-7980xexeon_3206rceleron_g4900t_firmwarecore_i3-8100hxeon_e3-1225_firmwarecore_i7-6870hqxeon_5220sxeon_4114pentium_g4500xeon_6146xeon_8253_firmwarexeon_6222v_firmwarecore_i5-8350uxeon_6134xeon_3104_firmwarecore_i3-6320t_firmwarexeon_5119txeon_w-3223_firmwarecore_i5-7300ucore_i5-6440hq_firmwarecore_m3-6y30_firmwarexeon_5217_firmwarepentium_4415u_firmwarexeon_w-3265mcore_i5-8500tceleron_3965y_firmwarecore_i5-7500xeon_8268xeon_w-2255_firmwarexeon_6234xeon_6240lcore_i5-6400xeon_5215rcore_i5-7200upentium_g4540core_i5-8350u_firmwarecore_i7-8700b_firmwareceleron_g3930exeon_8168_firmwarecore_i9-8950hkpentium_g4520xeon_8256_firmwarexeon_4210xeon_6142pentium_4405ucore_i7-6820hq_firmwarecore_i3-6320_firmwarecore_i7-7920hqpentium_g4400t_firmwarexeon_8260yxeon_6126t_firmwarexeon_e-2254mlxeon_5220tcore_i5-8400txeon_w-2123_firmwarexeon_8160f_firmwarexeon_8256core_i3-6100_firmwarexeon_8280xeon_4209t_firmwarecore_i9-10920xxeon_8160t_firmwarexeon_6244_firmwarecore_i5-8420core_i7-8670txeon_e-2254ml_firmwarexeon_6148core_i7-6660uceleron_3965uceleron_g4920_firmwarecore_i3-6120t_firmwarexeon_9220core_i5_10310yxeon_8160mcore_i5-6500_firmwarecore_i3-7100hcore_i3-7101te_firmwarexeon_e3-1220_firmwarexeon_4109txeon_6128core_i5-6500t_firmwarexeon_e3-1501l_firmwarexeon_e-2244gcore_i9-9900kxeon_4110core_i3-6320tcore_i7-8709gcore_i3-7120xeon_5220rcore_i7-8550u_firmwarecore_i7-7y75_firmwarecore_i5-6287upentium_g4420t_firmwarexeon_8180m_firmwarexeon_6130t_firmwarexeon_5215lcore_i5-7640x_firmwarecore_i5-9400core_i9-9920xcore_i3-8100txeon_6150_firmwarepentium_4415ucore_i5-6500tcore_i5-6260ucore_i3-7120tcore_i7-6700k_firmwarecore_i5-8650k_firmwarecore_i5-7500t_firmwarecore_i7-8700tcore_i7-6820hk_firmwarexeon_6230_firmwarecore_i7-6820hqxeon_6140core_i5-7400xeon_e3-1501mcore_i7-8650uxeon_8160_firmwarecore_i5_10210y_firmwarecore_i3-7102e_firmwarecore_m3-7y30_firmwarexeon_e3-1245_firmwarexeon_8153xeon_6132_firmwarecore_i5-6600core_i7-6700tcore_i7-6920hqxeon_8170mxeon_6132xeon_8276m_firmwarecore_i3-6167u_firmwarecore_i3-6100uxeon_4208rxeon_8176fcore_i7-6700_firmwarexeon_e-2234_firmwarecore_i3-7320t_firmwarepentium_g4400texeon_e3-1280_firmwarecore_i9-9800xxeon_w-3265core_i7-6510u_firmwarexeon_6136_firmwarecore_i7-6822eq_firmwarecore_i7-8565u_firmwarexeon_w-3245xeon_4216_firmwarexeon_8158xeon_8176f_firmwarexeon_6148fxeon_8168core_i5-8500bxeon_e-2124gcore_i5-7600t_firmwarexeon_8176_firmwarecore_i9-7980xe_firmwarecore_i5-7440hq_firmwarecore_i7_8650u_firmwarecore_i5-6300hq_firmwarexeon_e-2234core_i7-8709g_firmwarexeon_6238m_firmwarepentium_g4520tceleron_g3930e_firmwareceleron_3965u_firmwarexeon_6138tcore_i7-9850hcore_i5_10310y_firmwarecore_i5-9400fcore_i3-8000core_i7-6700kcore_i3-6320core_i3-7320tcore_i5-7440eqcore_i7-6820eq_firmwarepentium_4410y_firmwarecore_i7-7820x_firmwareceleron_g3900txeon_8280lxeon_w-2195_firmwarexeon_6230xeon_4208r_firmwarecore_i3-8130u_firmwarecore_i3-8000tceleron_g3920core_i5-6400txeon_6140m_firmwarexeon_4216core_i3-7100uxeon_5122_firmwarexeon_3204core_i3-7101texeon_5119t_firmwarexeon_6234_firmwarexeon_w-3275xeon_w-2265_firmwarexeon_8270core_i5-7600kxeon_4112core_m5-6y57core_i5-8250ucore_i7-6920hq_firmwarecore_i7-7820eqxeon_e3-1275xeon_4114txeon_6248_firmwarecore_i5405ucore_i5-7360ucore_i7_8565ucore_i5-6500core_i3-7340core_i7-8650u_firmwarecore_i7_8559u_firmwarexeon_w-3245_firmwarexeon_8260mcore_i5-6200ucore_i7-8670t_firmwarecore_i9-9900k_firmwarecore_i7-7700k_firmwarecore_i7-6700hq_firmwarexeon_4208_firmwarecore_i5-8650_firmwarexeon_w-2135_firmwarecore_i5-8250u_firmwarexeon_6126_firmwareceleron_g3902e_firmwarecore_i7-7567u_firmwarexeon_8176m_firmwarecore_i5-8400_firmwarecore_i7-8670_firmwarecore_i7-6970hq_firmwarexeon_6138t_firmwarecore_i7-7700hq_firmwarecore_i7-6820hkxeon_6254_firmwarexeon_8260y_firmwarepentium_g4400core_i5-7440eq_firmwarecore_i9-9900xcore_i7-9750hf_firmwarecore_i5-8400t_firmwarexeon_4216r_firmwarexeon_w-2125_firmwarexeon_e-2284gcore_i5-6400t_firmwarecore_i3-6102ecore_i5-8365u_firmwarexeon_w-2175_firmwarecore_i7-6700te_firmwarecore_i5-6600txeon_8280m_firmwarecore_i3-8020pentium_g4420_firmwarexeon_6134_firmwarexeon_e-2244g_firmwarecore_i7-6510ucore_i5-6360u_firmwarecore_i3-8100h_firmwarexeon_5120_firmwarexeon_w-2235core_i7-8850hcore_i5-7210ucore_i3-7130ucore_i5-8265u_firmwarexeon_6130core_i9-10900x_firmwarecore_i7-6560u_firmwarecore_i3-8300_firmwarecore_i7_8565u_firmwarecore_i7-6820eqxeon_4214rcore_i9-10900xceleron_g3930te_firmwarexeon_5215m_firmwarecore_i5-8650core_i5-6500texeon_6152_firmwarecore_i5_10210ycore_m3-7y30core_i5-8500_firmwarecore_i5-6210u_firmwarexeon_6222vxeon_6240mcore_i5-6300u_firmwarexeon_4214r_firmwarecore_i7-8809g_firmwarexeon_6238txeon_e3-1230xeon_8170xeon_8260m_firmwarexeon_6240l_firmwarecore_i7-7700t_firmwarecore_i9-9980hk_firmwarexeon_w-3275_firmwareceleron_g4900core_i5-9400h_firmwarepentium_4405yxeon_6142m_firmwarecore_i5-8420t_firmwarepentium_g5500xeon_8176celeron_g3900t_firmwarecore_i3-6100xeon_w-2275core_i5-7640xxeon_5218xeon_8280mceleron_g4900_firmwarecore_i5-7440hqcore_m5-6y54_firmwarexeon_e-2144gcore_i5-6360uxeon_e3-1505l_firmwarecore_i9-10940x_firmwarepentium_g5420t_firmwarecore_i3-6300t_firmwarecore_m5-6y57_firmwarecore_i7-8569uxeon_4210r_firmwarecore_i5-8650kcore_i7-7700_firmwarecore_i7-6770hq_firmwarexeon_8260core_i5-6267uceleron_3965ypentium_g5400t_firmwarexeon_9221pentium_g4400te_firmwarexeon_6138_firmwarexeon_6138xeon_6248celeron_g3900texeon_3204_firmwarecore_i4205u_firmwarecore_i3-7020u_firmwarecore_i3-7101e_firmwareceleron_3855ucore_i5-6440eqcore_i9-9920x_firmwarecore_i5-8600tcore_i5-8305gcore_i5-6440eq_firmwarecore_i9-9980hkxeon_8253core_i3-6100texeon_5217pentium_g5400core_i3-8130uxeon_e3-1270xeon_3106_firmwarexeon_w-2175xeon_4114_firmwareIntel(R) Processors
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2019-19331
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.30% / 52.76%
||
7 Day CHG~0.00%
Published-16 Dec, 2019 | 00:00
Updated-05 Aug, 2024 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very many resource records might be processed very inefficiently, in extreme cases taking even several CPU seconds for each such uncached message. For example, a few thousand A records can be squashed into one DNS message (limit is 64kB).

Action-Not Available
Vendor-nicCZ.NICDebian GNU/Linux
Product-knot_resolverdebian_linuxknot-resolver
CWE ID-CWE-407
Inefficient Algorithmic Complexity
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2023-34969
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.61% / 68.91%
||
7 Day CHG-0.05%
Published-08 Jun, 2023 | 00:00
Updated-09 Jun, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the same dbus-daemon can cause a dbus-daemon crash under some circumstances via an unreplyable message. When done on the well-known system bus, this is a denial-of-service vulnerability. The fixed versions are 1.12.28, 1.14.8, and 1.15.6.

Action-Not Available
Vendor-n/aDebian GNU/LinuxFedora Projectfreedesktop.org
Product-fedoradebian_linuxdbusn/a
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2022-33746
Matching Score-6
Assigner-Xen Project
ShareView Details
Matching Score-6
Assigner-Xen Project
CVSS Score-6.5||MEDIUM
EPSS-0.03% / 6.31%
||
7 Day CHG~0.00%
Published-11 Oct, 2022 | 00:00
Updated-03 Aug, 2024 | 08:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

P2M pool freeing may take excessively long The P2M pool backing second level address translation for guests may be of significant size. Therefore its freeing may take more time than is reasonable without intermediate preemption checks. Such checking for the need to preempt was so far missing.

Action-Not Available
Vendor-Debian GNU/LinuxFedora ProjectXen Project
Product-xendebian_linuxfedoraxen
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2023-34059
Matching Score-6
Assigner-VMware by Broadcom
ShareView Details
Matching Score-6
Assigner-VMware by Broadcom
CVSS Score-7.4||HIGH
EPSS-0.08% / 23.84%
||
7 Day CHG~0.00%
Published-27 Oct, 2023 | 04:53
Updated-06 Mar, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs.

Action-Not Available
Vendor-n/aVMware (Broadcom Inc.)Debian GNU/Linux
Product-open_vm_toolsdebian_linuxopen-vm-tools
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2021-44717
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-4.8||MEDIUM
EPSS-0.55% / 66.87%
||
7 Day CHG~0.00%
Published-01 Jan, 2022 | 00:00
Updated-04 Aug, 2024 | 04:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Go before 1.16.12 and 1.17.x before 1.17.5 on UNIX allows write operations to an unintended file or unintended network connection as a consequence of erroneous closing of file descriptor 0 after file-descriptor exhaustion.

Action-Not Available
Vendor-opengroupn/aDebian GNU/LinuxGo
Product-gounixdebian_linuxn/a
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2017-8925
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.10% / 28.42%
||
7 Day CHG~0.00%
Published-12 May, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel before 4.10.4 allows local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling.

Action-Not Available
Vendor-n/aDebian GNU/LinuxLinux Kernel Organization, Inc
Product-linux_kerneldebian_linuxn/a
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2022-3621
Matching Score-6
Assigner-VulDB
ShareView Details
Matching Score-6
Assigner-VulDB
CVSS Score-4.3||MEDIUM
EPSS-0.30% / 52.87%
||
7 Day CHG-0.01%
Published-20 Oct, 2022 | 00:00
Updated-15 Apr, 2025 | 13:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Linux Kernel nilfs2 inode.c nilfs_bmap_lookup_at_level null pointer dereference

A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211920.

Action-Not Available
Vendor-Linux Kernel Organization, IncDebian GNU/Linux
Product-debian_linuxlinux_kernelKernel
CWE ID-CWE-404
Improper Resource Shutdown or Release
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-3524
Matching Score-6
Assigner-VulDB
ShareView Details
Matching Score-6
Assigner-VulDB
CVSS Score-4.3||MEDIUM
EPSS-0.16% / 37.42%
||
7 Day CHG-0.01%
Published-16 Oct, 2022 | 00:00
Updated-15 Apr, 2025 | 13:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Linux Kernel IPv6 ipv6_renew_options memory leak

A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211021 was assigned to this vulnerability.

Action-Not Available
Vendor-Linux Kernel Organization, IncDebian GNU/Linux
Product-debian_linuxlinux_kernelKernel
CWE ID-CWE-404
Improper Resource Shutdown or Release
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
  • Previous
  • 1
  • 2
  • Next
Details not found