CVE 2017-7482
In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. This could lead to the size-remaining variable wrapping and the data pointer going over the end of the buffer. This could possibly lead to memory corruption and possible privilege escalation.
Related bugs and status
CVE-2017-7482 (Candidate) is related to these bugs:
Bug #1666742: Ath10k to read different board data file if specify in SMBIOS
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1666742 | Ath10k to read different board data file if specify in SMBIOS | linux (Ubuntu) | Medium | Fix Released | ||
| 1666742 | Ath10k to read different board data file if specify in SMBIOS | HWE Next | Medium | Fix Released | ||
| 1666742 | Ath10k to read different board data file if specify in SMBIOS | linux (Ubuntu Yakkety) | Undecided | Won't Fix | ||
| 1666742 | Ath10k to read different board data file if specify in SMBIOS | linux (Ubuntu Zesty) | Undecided | Fix Released | ||
| 1666742 | Ath10k to read different board data file if specify in SMBIOS | linux (Ubuntu Xenial) | Undecided | Fix Released | ||
Bug #1698706: Quirk for non-compliant PCI bridge on HiSilicon D05 board
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1698706 | Quirk for non-compliant PCI bridge on HiSilicon D05 board | linux (Ubuntu) | Medium | Fix Released | ||
| 1698706 | Quirk for non-compliant PCI bridge on HiSilicon D05 board | linux (Ubuntu Zesty) | Undecided | Fix Released | ||
Bug #1699004: APST gets enabled against explicit kernel option
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1699004 | APST gets enabled against explicit kernel option | linux (Ubuntu) | Undecided | Fix Released | ||
| 1699004 | APST gets enabled against explicit kernel option | linux (Ubuntu Zesty) | Undecided | Fix Released | ||
| 1699004 | APST gets enabled against explicit kernel option | linux (Ubuntu Yakkety) | Undecided | Won't Fix | ||
Bug #1700521: powerpc: Invalidate ERAT on powersave wakeup for POWER9
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1700521 | powerpc: Invalidate ERAT on powersave wakeup for POWER9 | linux (Ubuntu) | Medium | Fix Released | ||
| 1700521 | powerpc: Invalidate ERAT on powersave wakeup for POWER9 | The Ubuntu-power-systems project | Medium | Fix Released | ||
| 1700521 | powerpc: Invalidate ERAT on powersave wakeup for POWER9 | linux (Ubuntu Zesty) | Medium | Fix Released | ||
Bug #1700819: ERAT invalidate on context switch removal
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1700819 | ERAT invalidate on context switch removal | Ubuntu | Undecided | New | ||
| 1700819 | ERAT invalidate on context switch removal | linux (Ubuntu) | Medium | Fix Released | ||
| 1700819 | ERAT invalidate on context switch removal | Ubuntu Zesty | Undecided | New | ||
| 1700819 | ERAT invalidate on context switch removal | linux (Ubuntu Zesty) | Undecided | Fix Released | ||
Bug #1701272: New NVLINK2 patches
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1701272 | New NVLINK2 patches | linux (Ubuntu) | Undecided | Fix Released | ||
| 1701272 | New NVLINK2 patches | The Ubuntu-power-systems project | High | Fix Released | ||
| 1701272 | New NVLINK2 patches | linux (Ubuntu Zesty) | Undecided | Fix Released | ||
Bug #1701316: Data corruption with hio driver
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1701316 | Data corruption with hio driver | linux (Ubuntu) | High | Fix Released | ||
| 1701316 | Data corruption with hio driver | linux (Ubuntu Artful) | High | Fix Released | ||
| 1701316 | Data corruption with hio driver | linux (Ubuntu Xenial) | High | Invalid | ||
| 1701316 | Data corruption with hio driver | linux (Ubuntu Zesty) | High | Fix Released | ||
| 1701316 | Data corruption with hio driver | linux (Ubuntu Yakkety) | High | Won't Fix | ||
Bug #1701575: update ENA driver to 1.2.0k from net-next
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1701575 | update ENA driver to 1.2.0k from net-next | linux (Ubuntu) | Undecided | Fix Released | ||
| 1701575 | update ENA driver to 1.2.0k from net-next | linux (Ubuntu Zesty) | Undecided | Fix Released | ||
| 1701575 | update ENA driver to 1.2.0k from net-next | linux (Ubuntu Trusty) | Undecided | Fix Released | ||
| 1701575 | update ENA driver to 1.2.0k from net-next | linux (Ubuntu Yakkety) | Undecided | Won't Fix | ||
| 1701575 | update ENA driver to 1.2.0k from net-next | linux (Ubuntu Xenial) | Undecided | Fix Released | ||
Bug #1702159: Opal and POWER9 DD2
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1702159 | Opal and POWER9 DD2 | linux (Ubuntu) | Medium | Fix Released | ||
| 1702159 | Opal and POWER9 DD2 | The Ubuntu-power-systems project | Medium | Fix Released | ||
| 1702159 | Opal and POWER9 DD2 | linux (Ubuntu Zesty) | Medium | Fix Released | ||
Bug #1702521: cxlflash update request in the Xenial SRU stream
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1702521 | cxlflash update request in the Xenial SRU stream | linux (Ubuntu) | Medium | Fix Released | ||
| 1702521 | cxlflash update request in the Xenial SRU stream | The Ubuntu-power-systems project | High | Fix Released | ||
| 1702521 | cxlflash update request in the Xenial SRU stream | linux (Ubuntu Zesty) | Medium | Fix Released | ||
Bug #1702749: arm64: fix crash reading /proc/kcore
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1702749 | arm64: fix crash reading /proc/kcore | linux (Ubuntu) | High | Fix Released | ||
| 1702749 | arm64: fix crash reading /proc/kcore | linux (Ubuntu Zesty) | High | Fix Released | ||
Bug #1703437: New ACPI identifiers for ThunderX SMMU
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1703437 | New ACPI identifiers for ThunderX SMMU | linux (Ubuntu) | High | Fix Released | ||
| 1703437 | New ACPI identifiers for ThunderX SMMU | linux (Ubuntu Zesty) | High | Fix Released | ||
Bug #1704146: hns: under heavy load, NIC may fail and require reboot
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1704146 | hns: under heavy load, NIC may fail and require reboot | linux (Ubuntu) | Critical | Fix Released | ||
| 1704146 | hns: under heavy load, NIC may fail and require reboot | linux (Ubuntu Zesty) | Critical | Fix Released | ||
Bug #1704435: [Xenial] nvme: Quirks for PM1725 controllers
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1704435 | [Xenial] nvme: Quirks for PM1725 controllers | linux (Ubuntu) | Critical | Fix Released | ||
| 1704435 | [Xenial] nvme: Quirks for PM1725 controllers | linux (Ubuntu Artful) | Critical | Fix Released | ||
| 1704435 | [Xenial] nvme: Quirks for PM1725 controllers | linux (Ubuntu Xenial) | Critical | Fix Released | ||
| 1704435 | [Xenial] nvme: Quirks for PM1725 controllers | linux (Ubuntu Zesty) | Critical | Fix Released | ||
| 1704435 | [Xenial] nvme: Quirks for PM1725 controllers | linux (Ubuntu Yakkety) | Critical | Won't Fix | ||
Bug #1704961: linux: 4.10.0-29.33 -proposed tracker
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1704961 | linux: 4.10.0-29.33 -proposed tracker | linux (Ubuntu) | Undecided | Invalid | ||
| 1704961 | linux: 4.10.0-29.33 -proposed tracker | linux (Ubuntu Zesty) | Medium | Fix Released | ||
| 1704961 | linux: 4.10.0-29.33 -proposed tracker | Kernel SRU Workflow | Medium | Invalid | ||
| 1704961 | linux: 4.10.0-29.33 -proposed tracker | Kernel SRU Workflow automated-testing | Medium | Fix Released | ||
| 1704961 | linux: 4.10.0-29.33 -proposed tracker | Kernel SRU Workflow certification-testing | Medium | Fix Released | ||
| 1704961 | linux: 4.10.0-29.33 -proposed tracker | Kernel SRU Workflow prepare-package | Medium | Fix Released | ||
| 1704961 | linux: 4.10.0-29.33 -proposed tracker | Kernel SRU Workflow prepare-package-meta | Medium | Fix Released | ||
| 1704961 | linux: 4.10.0-29.33 -proposed tracker | Kernel SRU Workflow prepare-package-signed | Medium | Fix Released | ||
| 1704961 | linux: 4.10.0-29.33 -proposed tracker | Kernel SRU Workflow promote-to-proposed | Medium | Fix Released | ||
| 1704961 | linux: 4.10.0-29.33 -proposed tracker | Kernel SRU Workflow promote-to-security | Medium | Invalid | ||
| 1704961 | linux: 4.10.0-29.33 -proposed tracker | Kernel SRU Workflow promote-to-updates | Medium | Invalid | ||
| 1704961 | linux: 4.10.0-29.33 -proposed tracker | Kernel SRU Workflow regression-testing | Medium | Fix Released | ||
| 1704961 | linux: 4.10.0-29.33 -proposed tracker | Kernel SRU Workflow security-signoff | Medium | Fix Released | ||
| 1704961 | linux: 4.10.0-29.33 -proposed tracker | Kernel SRU Workflow upload-to-ppa | Medium | Invalid | ||
| 1704961 | linux: 4.10.0-29.33 -proposed tracker | Kernel SRU Workflow verification-testing | Medium | Confirmed | ||
Bug #1704966: linux-raspi2: 4.10.0-1012.15 -proposed tracker
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1704966 | linux-raspi2: 4.10.0-1012.15 -proposed tracker | linux-raspi2 (Ubuntu) | Undecided | Fix Released | ||
| 1704966 | linux-raspi2: 4.10.0-1012.15 -proposed tracker | linux-raspi2 (Ubuntu Zesty) | Medium | Fix Released | ||
| 1704966 | linux-raspi2: 4.10.0-1012.15 -proposed tracker | Kernel SRU Workflow | Medium | Invalid | ||
| 1704966 | linux-raspi2: 4.10.0-1012.15 -proposed tracker | Kernel SRU Workflow automated-testing | Medium | Fix Released | ||
| 1704966 | linux-raspi2: 4.10.0-1012.15 -proposed tracker | Kernel SRU Workflow certification-testing | Medium | Fix Released | ||
| 1704966 | linux-raspi2: 4.10.0-1012.15 -proposed tracker | Kernel SRU Workflow prepare-package | Medium | Fix Released | ||
| 1704966 | linux-raspi2: 4.10.0-1012.15 -proposed tracker | Kernel SRU Workflow prepare-package-meta | Medium | Fix Released | ||
| 1704966 | linux-raspi2: 4.10.0-1012.15 -proposed tracker | Kernel SRU Workflow promote-to-proposed | Medium | Fix Released | ||
| 1704966 | linux-raspi2: 4.10.0-1012.15 -proposed tracker | Kernel SRU Workflow promote-to-security | Medium | Invalid | ||
| 1704966 | linux-raspi2: 4.10.0-1012.15 -proposed tracker | Kernel SRU Workflow promote-to-updates | Medium | Invalid | ||
| 1704966 | linux-raspi2: 4.10.0-1012.15 -proposed tracker | Kernel SRU Workflow regression-testing | Medium | Invalid | ||
| 1704966 | linux-raspi2: 4.10.0-1012.15 -proposed tracker | Kernel SRU Workflow security-signoff | Medium | Fix Released | ||
| 1704966 | linux-raspi2: 4.10.0-1012.15 -proposed tracker | Kernel SRU Workflow upload-to-ppa | Medium | Invalid | ||
| 1704966 | linux-raspi2: 4.10.0-1012.15 -proposed tracker | Kernel SRU Workflow verification-testing | Medium | Confirmed | ||
Bug #1704994: linux: 3.13.0-126.175 -proposed tracker
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1704994 | linux: 3.13.0-126.175 -proposed tracker | linux (Ubuntu) | Undecided | Invalid | ||
| 1704994 | linux: 3.13.0-126.175 -proposed tracker | linux (Ubuntu Trusty) | Medium | Fix Released | ||
| 1704994 | linux: 3.13.0-126.175 -proposed tracker | Kernel SRU Workflow | Medium | Fix Released | ||
| 1704994 | linux: 3.13.0-126.175 -proposed tracker | Kernel SRU Workflow automated-testing | Medium | Fix Released | ||
| 1704994 | linux: 3.13.0-126.175 -proposed tracker | Kernel SRU Workflow certification-testing | Medium | Fix Released | ||
| 1704994 | linux: 3.13.0-126.175 -proposed tracker | Kernel SRU Workflow prepare-package | Medium | Fix Released | ||
| 1704994 | linux: 3.13.0-126.175 -proposed tracker | Kernel SRU Workflow prepare-package-meta | Medium | Fix Released | ||
| 1704994 | linux: 3.13.0-126.175 -proposed tracker | Kernel SRU Workflow prepare-package-signed | Medium | Fix Released | ||
| 1704994 | linux: 3.13.0-126.175 -proposed tracker | Kernel SRU Workflow promote-to-proposed | Medium | Fix Released | ||
| 1704994 | linux: 3.13.0-126.175 -proposed tracker | Kernel SRU Workflow promote-to-security | Medium | Fix Released | ||
| 1704994 | linux: 3.13.0-126.175 -proposed tracker | Kernel SRU Workflow promote-to-updates | Medium | Fix Released | ||
| 1704994 | linux: 3.13.0-126.175 -proposed tracker | Kernel SRU Workflow regression-testing | Medium | Fix Released | ||
| 1704994 | linux: 3.13.0-126.175 -proposed tracker | Kernel SRU Workflow security-signoff | Medium | Fix Released | ||
| 1704994 | linux: 3.13.0-126.175 -proposed tracker | Kernel SRU Workflow upload-to-ppa | Medium | Invalid | ||
| 1704994 | linux: 3.13.0-126.175 -proposed tracker | Kernel SRU Workflow verification-testing | Medium | Fix Released | ||
See the 
CVE page on Mitre.org
for more details.
