CVE-2017-12762
Severity CVSS v4.0:
Pending analysis
Type:
CWE-119
Buffer Errors
Publication date:
09/08/2017
Last modified:
20/04/2025
Description
In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stable tree, and 4.4-stable tree.
Impact
Base Score 3.x
9.80
Severity 3.x
CRITICAL
Base Score 2.0
10.00
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 3.18 (including) | 3.18.64 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 3.19 (including) | 4.4.80 (including) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.5 (including) | 4.9.41 (including) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.10 (including) | 4.12.5 (including) |
| cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:* | ||
| cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://www.openwall.com/lists/oss-security/2020/02/11/1
- http://www.openwall.com/lists/oss-security/2020/02/11/2
- http://www.openwall.com/lists/oss-security/2020/02/14/4
- http://www.securityfocus.com/bid/100251
- https://patchwork.kernel.org/patch/9880041/
- https://usn.ubuntu.com/3620-1/
- https://usn.ubuntu.com/3620-2/
- http://www.openwall.com/lists/oss-security/2020/02/11/1
- http://www.openwall.com/lists/oss-security/2020/02/11/2
- http://www.openwall.com/lists/oss-security/2020/02/14/4
- http://www.securityfocus.com/bid/100251
- https://patchwork.kernel.org/patch/9880041/
- https://usn.ubuntu.com/3620-1/
- https://usn.ubuntu.com/3620-2/