Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2017-7495 | First vendor Publication | 2017-05-15 |
| Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
| Cvss vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | |||
|---|---|---|---|
| Overall CVSS Score | 5.5 | ||
| Base Score | 5.5 | Environmental Score | 5.5 |
| impact SubScore | 3.6 | Temporal Score | 5.5 |
| Exploitabality Sub Score | 1.8 | ||
| Attack Vector | Local | Attack Complexity | Low |
| Privileges Required | Low | User Interaction | None |
| Scope | Unchanged | Confidentiality Impact | High |
| Integrity Impact | None | Availability Impact | None |
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:L/Au:N/C:P/I:N/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 2.1 | Attack Range | Local |
| Cvss Impact Score | 2.9 | Attack Complexity | Low |
| Cvss Expoit Score | 3.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| fs/ext4/inode.c in the Linux kernel before 4.6.2, when ext4 data=ordered mode is used, mishandles a needs-flushing-before-commit list, which allows local users to obtain sensitive information from other users' files in opportunistic circumstances by waiting for a hardware reset, creating a new file, making write system calls, and reading this file. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7495 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-200 | Information Exposure |
CPE : Common Platform Enumeration
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2017-08-29 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-3405-1.nasl - Type : ACT_GATHER_INFO |
| 2017-08-29 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-3405-2.nasl - Type : ACT_GATHER_INFO |
| 2017-08-29 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-3406-1.nasl - Type : ACT_GATHER_INFO |
| 2017-08-25 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2017-1842.nasl - Type : ACT_GATHER_INFO |
| 2017-07-21 | Name : The remote EulerOS host is missing multiple security updates. File : EulerOS_SA-2017-1122.nasl - Type : ACT_GATHER_INFO |
| 2017-07-21 | Name : The remote EulerOS host is missing multiple security updates. File : EulerOS_SA-2017-1123.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 13:09:08 |
|
| 2024-10-25 01:50:00 |
|
| 2024-10-23 01:49:28 |
|
| 2024-08-02 12:50:40 |
|
| 2024-08-02 01:14:29 |
|
| 2024-03-12 12:45:20 |
|
| 2024-02-02 01:49:05 |
|
| 2024-02-01 12:13:49 |
|
| 2023-12-29 01:43:44 |
|
| 2023-11-22 01:43:20 |
|
| 2023-09-05 12:47:03 |
|
| 2023-09-05 01:13:33 |
|
| 2023-09-02 12:46:36 |
|
| 2023-09-02 01:13:50 |
|
| 2023-08-22 12:41:50 |
|
| 2023-03-28 12:13:36 |
|
| 2023-02-13 05:27:53 |
|
| 2023-02-03 05:28:16 |
|
| 2022-10-11 01:13:14 |
|
| 2022-02-01 01:30:18 |
|
| 2021-12-11 12:30:54 |
|
| 2021-12-11 01:29:13 |
|
| 2021-08-19 12:26:49 |
|
| 2021-05-25 12:25:27 |
|
| 2021-05-04 13:04:50 |
|
| 2021-04-22 02:18:22 |
|
| 2021-03-27 01:22:49 |
|
| 2020-08-11 12:19:27 |
|
| 2020-08-08 01:19:22 |
|
| 2020-08-07 12:19:43 |
|
| 2020-08-07 01:20:22 |
|
| 2020-08-01 12:19:21 |
|
| 2020-07-30 01:20:03 |
|
| 2020-05-23 02:08:35 |
|
| 2020-05-23 01:03:54 |
|
| 2019-09-12 12:09:59 |
|
| 2019-07-03 01:10:00 |
|
| 2019-01-25 12:09:53 |
|
| 2018-11-17 12:08:23 |
|
| 2018-11-07 12:06:24 |
|
| 2018-10-30 12:11:02 |
|
| 2018-08-31 12:09:42 |
|
| 2018-08-09 12:06:18 |
|
| 2018-07-13 01:09:09 |
|
| 2018-04-25 12:09:02 |
|
| 2018-03-28 12:08:57 |
|
| 2017-10-07 12:03:52 |
|
| 2017-09-09 09:22:17 |
|
| 2017-08-30 13:25:10 |
|
| 2017-08-30 09:20:36 |
|
| 2017-08-26 12:04:23 |
|
| 2017-07-22 13:24:21 |
|
| 2017-05-27 00:21:53 |
|
| 2017-05-16 00:19:53 |
|
