CVE-2017-16994

Source
https://nvd.nist.gov/vuln/detail/CVE-2017-16994
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-16994.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-16994
Downstream
Related
Published
2017-11-27T19:29:00Z
Modified
2025-08-09T19:01:26Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

The walkhugetlbrange function in mm/pagewalk.c in the Linux kernel before 4.14.2 mishandles holes in hugetlb ranges, which allows local users to obtain sensitive information from uninitialized kernel memory via crafted use of the mincore() system call.

References

Affected packages