Linux Kernel CVE Statistics
23 Linux Kernel CVEs in March 2017
Full month · Source: NIST NVD
In March 2017, 23 Linux kernel CVEs were published, sourced from the NIST National Vulnerability Database. Of these, 2 were rated Critical, 13 were rated High severity and 7 Medium. No CVEs from this month have been confirmed as actively exploited via the CISA KEV catalog. March's 23 CVEs represent 4% of all 2017 Linux kernel CVEs , down from February's 29 (a 21% month-over-month decrease) .
23
Total CVEs
2
Critical
13
High
7
Medium
1
Low
0
KEV Exploited
All CVEs — March 2017
23 CVEs
| CVE ID | Package | Severity | CVSS | Published | Description | |
|---|---|---|---|---|---|---|
| CVE-2017-5897 | linux | Critical | 9.8 | 2017-03-23 | The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have unspecified impact vi… | |
| CVE-2017-5206 | linux | Critical | 9.0 | 2017-03-23 | Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, allows context-dependent attackers to bypass a sec… | |
| CVE-2017-7374 | linux | High | 7.8 | 2017-03-31 | Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of se… | |
| CVE-2017-2647 | linux | High | 7.8 | 2017-03-31 | The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service (… | |
| CVE-2017-7308 | linux | High | 7.8 | 2017-03-29 | The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate ce… | |
| CVE-2017-7294 | linux | High | 7.8 | 2017-03-29 | The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 doe… | |
| CVE-2017-7187 | linux | High | 7.8 | 2017-03-20 | The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of s… | |
| CVE-2017-7184 | linux | High | 7.8 | 2017-03-19 | The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certai… | |
| CVE-2017-6347 | linux | High | 7.8 | 2017-03-01 | The ip_cmsg_recv_checksum function in net/ipv4/ip_sockglue.c in the Linux kernel before 4.10.1 has incorrect expectatio… | |
| CVE-2017-6345 | linux | High | 7.8 | 2017-03-01 | The LLC subsystem in the Linux kernel before 4.9.13 does not ensure that a certain destructor exists in required circum… | |
| CVE-2017-7277 | linux | High | 7.1 | 2017-03-28 | The TCP stack in the Linux kernel through 4.10.6 mishandles the SCM_TIMESTAMPING_OPT_STATS feature, which allows local … | |
| CVE-2017-6874 | linux | High | 7.0 | 2017-03-14 | Race condition in kernel/ucount.c in the Linux kernel through 4.10.2 allows local users to cause a denial of service (u… | |
| CVE-2017-2636 | linux | High | 7.0 | 2017-03-07 | Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or caus… | |
| CVE-2016-10200 | linux | High | 7.0 | 2017-03-07 | Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain priv… | |
| CVE-2017-6346 | linux | High | 7.0 | 2017-03-01 | Race condition in net/packet/af_packet.c in the Linux kernel before 4.9.13 allows local users to cause a denial of serv… |