Chiencc / asuswrt-gt-ac5300

asuswrt-gt-ac5300
Other
0 stars 0 forks source link

linuxlinux-2.6.39.2: 157 vulnerabilities (highest severity is: 9.8) - autoclosed #38

Closed mend-for-github-com[bot] closed 1 year ago

mend-for-github-com[bot] commented 1 year ago
Vulnerable Library - linuxlinux-2.6.39.2

Apache Software Foundation (ASF)

Library home page: https://mirrors.edge.kernel.org/pub/linux/kernel/v2.6/?wsslib=linux

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Vulnerable Source Files (3)

/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/fs/readdir.c /release/src-rt-7.14.114.x/src/linux/linux-2.6.36/fs/readdir.c /release/src-rt-7.14.114.x/src/linux/linux-2.6.36/fs/readdir.c

Vulnerabilities

CVE Severity CVSS Dependency Type Fixed in (linuxlinux version) Remediation Available
CVE-2017-7895 Critical 9.8 linuxlinux-2.6.39.2 Direct v4.11
CVE-2011-3188 Critical 9.1 linuxlinux-2.6.39.2 Direct 3.1
CVE-2019-10220 High 8.8 linuxlinux-2.6.39.2 Direct v5.4-rc2
CVE-2011-4914 High 8.8 linuxlinux-2.6.39.2 Direct 2.6.39
CVE-2014-7822 High 8.4 detected in multiple dependencies Direct v3.16-rc1,v3.12.39,v3.14.47,v3.2.67
CVE-2014-8173 High 8.4 linuxlinux-2.6.39.2 Direct 3.13
CVE-2013-6282 High 8.4 linuxlinux-2.6.39.2 Direct 3.5.5
CVE-2011-4330 High 8.4 linuxlinux-2.6.39.2 Direct v3.2-rc2
CVE-2013-3301 High 8.4 detected in multiple dependencies Direct 3.8.8
CVE-2015-8550 High 8.2 linuxlinux-2.6.39.2 Direct v4.4-rc6,v3.12.58,v3.16.35,v3.2.76
CVE-2019-11597 High 8.1 linuxlinux-2.6.39.2 Direct v5.1-rc6
CVE-2018-20856 High 7.8 linuxlinux-2.6.39.2 Direct 4.19-rc1
CVE-2022-1998 High 7.8 linuxlinux-2.6.39.2 Direct v5.10.97,v5.15.20,v5.16.6,v5.17-rc3
CVE-2017-15951 High 7.8 linuxlinux-2.6.39.2 Direct 4.13.10
CVE-2017-1000379 High 7.8 linuxlinux-2.6.39.2 Direct v4.12-rc6
CVE-2020-0444 High 7.8 linuxlinux-2.6.39.2 Direct v4.14.173,v4.19.108,v4.4.216,v4.9.216,v5.4.24 v5.5.8
CVE-2020-27786 High 7.8 linuxlinux-2.6.39.2 Direct v4.4.224, v4.9.224, v4.14.181, v4.19.124, v5.4.42, v5.6.14, v5.7-rc6
CVE-2018-20669 High 7.8 linuxlinux-2.6.39.2 Direct v5.0-rc1
CVE-2021-3493 High 7.8 linuxlinux-2.6.39.2 Direct v5.11-rc1
CVE-2018-10879 High 7.8 linuxlinux-2.6.39.2 Direct v4.18-rc4
CVE-2018-10878 High 7.8 linuxlinux-2.6.39.2 Direct v4.18-rc4,v3.16.58,v3.18.124,v4.14.55,v4.17.6,v4.4.140,v4.9.112
CVE-2015-8966 High 7.8 linuxlinux-2.6.39.2 Direct v4.4
CVE-2022-30594 High 7.8 linuxlinux-2.6.39.2 Direct v4.9.311,v4.14.276,v4.19.238,v5.4.189,v5.10.110,v5.15.33,v5.16.19,v5.17.2,v5.18-rc1
CVE-2017-18075 High 7.8 linuxlinux-2.6.39.2 Direct 4.14.13
CVE-2019-11487 High 7.8 linuxlinux-2.6.39.2 Direct v5.1-rc5
CVE-2012-1097 High 7.8 linuxlinux-2.6.39.2 Direct 3.2.10
CVE-2017-17805 High 7.8 linuxlinux-2.6.39.2 Direct 4.14.8
CVE-2017-17806 High 7.8 detected in multiple dependencies Direct v4.15-rc4,v3.16.52,v3.18.89,v3.2.97,v4.1.49,v4.14.8,v4.4.107,v4.9.71
CVE-2021-33034 High 7.8 linuxlinux-2.6.39.2 Direct v5.4.119, v5.10.37, v5.11.21, v5.12.4
CVE-2018-9415 High 7.8 linuxlinux-2.6.39.2 Direct v4.17-rc3
CVE-2012-0044 High 7.8 linuxlinux-2.6.39.2 Direct 3.1.5
CVE-2020-14381 High 7.8 detected in multiple dependencies Direct 3.16.83,4.14.175,4.19.113,4.4.218,4.9.218,5.4.28,5.5.12
CVE-2018-7480 High 7.8 linuxlinux-2.6.39.2 Direct 4.11
CVE-2018-9385 High 7.8 linuxlinux-2.6.39.2 Direct v4.17-rc3
CVE-2017-7618 High 7.5 linuxlinux-2.6.39.2 Direct v4.11-rc8
CVE-2011-2699 High 7.5 linuxlinux-2.6.39.2 Direct 3.1
CVE-2019-11479 High 7.5 linuxlinux-2.6.39.2 Direct release-1.3.6
CVE-2022-3623 High 7.5 linuxlinux-2.6.39.2 Direct v6.0.3
CVE-2017-7645 High 7.5 linuxlinux-2.6.39.2 Direct v4.11
CVE-2019-19768 High 7.5 linuxlinux-2.6.39.2 Direct
CVE-2017-1000364 High 7.4 detected in multiple dependencies Direct v3.2.90,v3.16.45,v3.18.58,v4.1.42,v4.4.74,v4.9.34,v4.11.7,v4.12-rc6
CVE-2018-1000028 High 7.4 linuxlinux-2.6.39.2 Direct v4.15
CVE-2014-3215 High 7.4 linuxlinux-2.6.39.2 Direct kernel-doc - 2.6.32-504.16.2;kernel-abi-whitelists - 2.6.32-504.16.2;perf - 2.6.32-504.16.2,2.6.32-504.16.2;kernel-debuginfo - 2.6.32-504.16.2,2.6.32-504.16.2;kernel-debug-devel - 2.6.32-504.16.2,2.6.32-504.16.2;libcap-ng-devel - 0.7.5-4,0.7.5-4,0.7.5-4,0.7.5-4;perf-debuginfo - 2.6.32-504.16.2,2.6.32-504.16.2;libcap-ng-python - 0.7.5-4,0.7.5-4;libcap-ng - 0.7.5-4,0.7.5-4,0.7.5-4,0.7.5-4,0.7.5-4;kernel-debug-debuginfo - 2.6.32-504.16.2,2.6.32-504.16.2;libcap-ng-utils - 0.7.5-4,0.7.5-4;kernel-debug - 2.6.32-504.16.2,2.6.32-504.16.2;kernel-devel - 2.6.32-504.16.2,2.6.32-504.16.2;kernel-firmware - 2.6.32-504.16.2;kernel - 2.6.32-504.16.2,2.6.32-504.16.2,2.6.32-504.16.2,2.6.32-504.16.2;libcap-ng-debuginfo - 0.7.5-4,0.7.5-4;python-perf - 2.6.32-504.16.2,2.6.32-504.16.2;kernel-debuginfo-common-i686 - 2.6.32-504.16.2;python-perf-debuginfo - 2.6.32-504.16.2,2.6.32-504.16.2;kernel-headers - 2.6.32-504.16.2,2.6.32-504.16.2;kernel-debuginfo-common-x86_64 - 2.6.32-504.16.2
CVE-2013-1979 High 7.4 linuxlinux-2.6.39.2 Direct v3.9-rc8,v3.2.44
CVE-2012-3511 High 7.4 linuxlinux-2.6.39.2 Direct v3.5-rc6,v3.2.23
CVE-2014-4014 High 7.4 linuxlinux-2.6.39.2 Direct 3.14.8
CVE-2011-1759 High 7.4 linuxlinux-2.6.39.2 Direct 2.6.39
CVE-2013-1773 High 7.4 linuxlinux-2.6.39.2 Direct 3.3
CVE-2013-6763 High 7.4 linuxlinux-2.6.39.2 Direct 3.12
CVE-2017-18270 High 7.1 linuxlinux-2.6.39.2 Direct 4.13.5
CVE-2017-7277 High 7.1 linuxlinux-2.6.39.2 Direct v4.11-rc4
CVE-2021-32078 High 7.1 linuxlinux-2.6.39.2 Direct v5.13-rc1
CVE-2019-14898 High 7.0 linuxlinux-2.6.39.2 Direct v5.1-rc6
CVE-2017-12146 High 7.0 linuxlinux-2.6.39.2 Direct 4.12.1
CVE-2019-11599 High 7.0 linuxlinux-2.6.39.2 Direct v5.1-rc6
CVE-2014-5207 High 7.0 detected in multiple dependencies Direct v3.17-rc1
CVE-2014-5206 High 7.0 detected in multiple dependencies Direct v3.17-rc1
CVE-2017-7533 High 7.0 detected in multiple dependencies Direct kernel-headers - 3.10.0-327.61.3;kernel-rt-trace-devel - 3.10.0-693.2.1.rt56.620;kernel-rt-debug-kvm - 3.10.0-693.2.1.rt56.620;kernel-bootwrapper - 3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-514.32.2;perf - 3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-514.32.2;kernel-debuginfo - 3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-514.32.2;kernel-debug-devel - 3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-514.32.2;kernel-tools-libs - 3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-693.1.1;perf-debuginfo - 3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-693.1.1;kernel-debug-debuginfo - 3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-514.32.2;kernel-debug - 3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-327.61.3;kernel-devel - 3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-693.1.1;kernel - 3.10.0-327.61.3,3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-514.32.2,3.10.0-327.61.3;kernel-rt-debug-devel - 3.10.0-693.2.1.rt56.620;python-perf - 3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-327.61.3;kernel-rt-debug - 3.10.0-693.2.1.rt56.620;kernel-rt-devel - 3.10.0-693.2.1.rt56.620;kernel-tools - 3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-327.61.3;kernel-rt-trace-kvm - 3.10.0-693.2.1.rt56.620;kernel-tools-libs-devel - 3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-514.32.2;kernel-tools-debuginfo - 3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-327.61.3;kernel-rt-kvm - 3.10.0-693.2.1.rt56.620;python-perf-debuginfo - 3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-327.61.3;kernel-headers - 3.10.0-693.1.1,3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-514.32.2;kernel-rt-trace - 3.10.0-693.2.1.rt56.620;kernel-debuginfo-common-x86_64 - 3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-327.61.3;kernel-rt - 3.10.0-693.2.1.rt56.620,3.10.0-693.2.1.rt56.620;kernel-doc - 3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-327.61.3;kernel-abi-whitelists - 3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-514.32.2
CVE-2012-3510 Medium 6.8 linuxlinux-2.6.39.2 Direct v3.7-rc1
CVE-2023-2513 Medium 6.7 linuxlinux-2.6.39.2 Direct v4.9.326,v4.14.314,v4.19.282,v5.4.242,v5.10.179,v5.15.61,v5.18.18
CVE-2018-10840 Medium 6.6 linuxlinux-2.6.39.2 Direct v4.18
CVE-2017-17741 Medium 6.5 linuxlinux-2.6.39.2 Direct v4.15-rc5
CVE-2019-10638 Medium 6.5 linuxlinux-2.6.39.2 Direct v5.1-rc4
CVE-2021-3178 Medium 6.5 linuxlinux-2.6.39.2 Direct linux-libc-headers - 5.13;linux-yocto - 5.4.20+gitAUTOINC+c11911d4d1_f4d7dbafb1,4.8.26+gitAUTOINC+1c60e003c7_27efc3ba68
CVE-2014-9728 Medium 6.2 linuxlinux-2.6.39.2 Direct 3.18.2
WS-2021-0517 Medium 6.2 linuxlinux-2.6.39.2 Direct Linux/Kernel - v4.4.294, v4.9.292, v4.14.258, v4.19.219, v5.4.163, v5.10.83, v5.15.6, v5.16-rc3
CVE-2014-9715 Medium 6.2 linuxlinux-2.6.39.2 Direct 3.14.5
CVE-2011-2695 Medium 6.2 linuxlinux-2.6.39.2 Direct 3.0-rc5
CVE-2014-8172 Medium 6.2 detected in multiple dependencies Direct 3.13
CVE-2011-4086 Medium 6.2 linuxlinux-2.6.39.2 Direct 3.3.1
CVE-2011-2689 Medium 6.2 linuxlinux-2.6.39.2 Direct 3.0-rc1
CVE-2011-1593 Medium 6.2 detected in multiple dependencies Direct 2.6.38.4
CVE-2014-3122 Medium 6.2 detected in multiple dependencies Direct 3.14.3
CVE-2011-2491 Medium 6.2 linuxlinux-2.6.39.2 Direct 3.0
CVE-2014-9730 Medium 6.2 linuxlinux-2.6.39.2 Direct 3.18.2
CVE-2016-2847 Medium 6.2 linuxlinux-2.6.39.2 Direct 4.5
CVE-2014-9717 Medium 6.1 linuxlinux-2.6.39.2 Direct 4.0.2
CVE-2019-3837 Medium 6.1 linuxlinux-2.6.39.2 Direct v3.18-rc1
CVE-2020-8647 Medium 6.1 linuxlinux-2.6.39.2 Direct v5.6-rc5,v3.16.83,v4.14.173,v4.19.109,v4.4.216,v4.9.216,v5.4.25,v5.5.9
CVE-2020-10742 Medium 6.0 linuxlinux-2.6.39.2 Direct v3.16-rc1
CVE-2011-1020 Medium 5.9 detected in multiple dependencies Direct kernel-PAE - 2.6.18-274.17.1;kernel-doc - 2.6.32-220,2.6.18-274.17.1,2.6.32-131.25.1;kernel-xen - 2.6.18-274.17.1,2.6.18-274.17.1;kernel-PAE-devel - 2.6.18-274.17.1;perf - 2.6.32-220,2.6.32-131.25.1,2.6.32-131.25.1,2.6.32-220;kernel-debuginfo - 2.6.32-131.25.1,2.6.32-220,2.6.32-220,2.6.32-131.25.1;kernel-debug-devel - 2.6.32-220,2.6.18-274.17.1,2.6.32-220,2.6.32-131.25.1,2.6.18-274.17.1,2.6.32-131.25.1;perf-debuginfo - 2.6.32-131.25.1,2.6.32-131.25.1,2.6.32-220,2.6.32-220;kernel-debug-debuginfo - 2.6.32-220,2.6.32-220,2.6.32-131.25.1,2.6.32-131.25.1;kernel-debug - 2.6.32-220,2.6.32-131.25.1,2.6.18-274.17.1,2.6.18-274.17.1,2.6.32-131.25.1,2.6.32-220;kernel-devel - 2.6.18-274.17.1,2.6.32-220,2.6.32-131.25.1,2.6.32-220,2.6.18-274.17.1,2.6.32-131.25.1;kernel-firmware - 2.6.32-131.25.1,2.6.32-220;kernel - 2.6.18-274.17.1,2.6.32-220,2.6.32-131.25.1,2.6.18-274.17.1,2.6.32-220,2.6.32-131.25.1,2.6.32-131.25.1,2.6.18-274.17.1,2.6.32-220;kernel-xen-devel - 2.6.18-274.17.1,2.6.18-274.17.1;kernel-debuginfo-common-i686 - 2.6.32-220,2.6.32-131.25.1;kernel-headers - 2.6.32-131.25.1,2.6.32-220,2.6.18-274.17.1,2.6.32-220,2.6.18-274.17.1,2.6.32-131.25.1;kernel-debuginfo-common-x86_64 - 2.6.32-131.25.1,2.6.32-220
CVE-2011-4127 Medium 5.9 linuxlinux-2.6.39.2 Direct 3.2.2
CVE-2013-7470 Medium 5.9 linuxlinux-2.6.39.2 Direct v3.12-rc7
CVE-2012-3552 Medium 5.9 linuxlinux-2.6.39.2 Direct 3.0
CVE-2020-8649 Medium 5.9 linuxlinux-2.6.39.2 Direct v5.6-rc5,v3.16.83,v4.14.173,v4.19.109,v4.4.216,v4.9.216,v5.4.25,v5.5.9
CVE-2016-2550 Medium 5.5 detected in multiple dependencies Direct 4.5
CVE-2016-6198 Medium 5.5 linuxlinux-2.6.39.2 Direct 4.5.5
CVE-2016-9191 Medium 5.5 linuxlinux-2.6.39.2 Direct v4.10-rc4
CVE-2023-2985 Medium 5.5 linuxlinux-2.6.39.2 Direct v4.14.308,v4.19.276,v5.4.235,v5.10.173,v5.15.99,v6.1.16,v6.2.3
CVE-2018-16862 Medium 5.5 linuxlinux-2.6.39.2 Direct v4.20-rc5
CVE-2018-10883 Medium 5.5 detected in multiple dependencies Direct v4.18-rc4
CVE-2018-10880 Medium 5.5 linuxlinux-2.6.39.2 Direct v4.18-rc4
CVE-2022-40768 Medium 5.5 linuxlinux-2.6.39.2 Direct v4.9.331,v4.14.296,v4.19.262,v5.4.218,v5.10.148,v5.15.74,v5.19.16,v6.0.2
CVE-2020-10769 Medium 5.5 linuxlinux-2.6.39.2 Direct v5.0-rc3
CVE-2011-4915 Medium 5.5 detected in multiple dependencies Direct v3.3-rc1
CVE-2011-4917 Medium 5.5 linuxlinux-2.6.39.2 Direct v3.3-rc1
CVE-2018-10876 Medium 5.5 detected in multiple dependencies Direct v4.18-rc4
CVE-2011-4081 Medium 5.5 linuxlinux-2.6.39.2 Direct 3.1
CVE-2015-4176 Medium 5.5 linuxlinux-2.6.39.2 Direct 4.0.2
CVE-2015-4177 Medium 5.5 linuxlinux-2.6.39.2 Direct 4.0.5
CVE-2019-5489 Medium 5.5 linuxlinux-2.6.39.2 Direct v5.0-rc1
CVE-2016-0617 Medium 5.5 linuxlinux-2.6.39.2 Direct The vendor has issued a source code fix, available at:

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9aacdd354d197ad64685941b36d28ea20ab88757 | ❌ | | CVE-2021-45868 | Medium | 5.5 | linuxlinux-2.6.39.2 | Direct | v4.4.293,v4.9.291,v4.14.256,v4.19.218,v5.4.160,v5.10.80,v5.14.19,v5.15.3,v5.16-rc1 | ❌ | | CVE-2020-8992 | Medium | 5.5 | linuxlinux-2.6.39.2 | Direct | v5.6-rc2,v5.4.21,v5.5.5 | ❌ | | CVE-2017-18232 | Medium | 5.5 | linuxlinux-2.6.39.2 | Direct | v4.16-rc1,v4.14.192 | ❌ | | CVE-2014-7975 | Medium | 5.5 | linuxlinux-2.6.39.2 | Direct | kernel-rt-trace-devel - 3.10.0-693.rt56.617;kernel-rt-debug-kvm - 3.10.0-693.rt56.617;kernel-bootwrapper - 3.10.0-693,3.10.0-693;perf - 3.10.0-693,3.10.0-693,3.10.0-693;kernel-debuginfo - 3.10.0-693;kernel-debug-devel - 3.10.0-693,3.10.0-693,3.10.0-693;kernel-tools-libs - 3.10.0-693,3.10.0-693,3.10.0-693;perf-debuginfo - 3.10.0-693;kernel-debug-debuginfo - 3.10.0-693;kernel-debug - 3.10.0-693,3.10.0-693,3.10.0-693;kernel-devel - 3.10.0-693,3.10.0-693,3.10.0-693;kernel - 3.10.0-693,3.10.0-693,3.10.0-693,3.10.0-693;kernel-rt-debug-devel - 3.10.0-693.rt56.617;python-perf - 3.10.0-693,3.10.0-693,3.10.0-693;kernel-rt-debug - 3.10.0-693.rt56.617;kernel-rt-devel - 3.10.0-693.rt56.617;kernel-tools - 3.10.0-693,3.10.0-693,3.10.0-693;kernel-rt-trace-kvm - 3.10.0-693.rt56.617;kernel-tools-libs-devel - 3.10.0-693,3.10.0-693,3.10.0-693;kernel-tools-debuginfo - 3.10.0-693;kernel-rt-doc - 3.10.0-693.rt56.617;kernel-rt-kvm - 3.10.0-693.rt56.617;python-perf-debuginfo - 3.10.0-693;kernel-headers - 3.10.0-693,3.10.0-693,3.10.0-693;kernel-rt-trace - 3.10.0-693.rt56.617;kernel-debuginfo-common-x86_64 - 3.10.0-693;kernel-rt - 3.10.0-693.rt56.617,3.10.0-693.rt56.617;kernel-doc - 3.10.0-693;kernel-abi-whitelists - 3.10.0-693 | ❌ | | CVE-2017-15116 | Medium | 5.5 | detected in multiple dependencies | Direct | 4.2 | ❌ | | CVE-2011-2898 | Medium | 5.5 | linuxlinux-2.6.39.2 | Direct | 2.6.39.3 | ❌ | | CVE-2017-18221 | Medium | 5.5 | linuxlinux-2.6.39.2 | Direct | 4.11.4 | ❌ | | CVE-2018-1095 | Medium | 5.5 | linuxlinux-2.6.39.2 | Direct | v4.17-rc1 | ❌ | | CVE-2018-1093 | Medium | 5.5 | linuxlinux-2.6.39.2 | Direct | v4.17-rc1 | ❌ | | CVE-2011-3637 | Medium | 5.5 | linuxlinux-2.6.39.2 | Direct | 2.6.39 | ❌ | | CVE-2019-20054 | Medium | 5.5 | linuxlinux-2.6.39.2 | Direct | v5.1-rc3 | ❌ | | CVE-2016-4581 | Medium | 5.5 | linuxlinux-2.6.39.2 | Direct | 4.5.4 | ❌ | | CVE-2016-0821 | Medium | 5.5 | linuxlinux-2.6.39.2 | Direct | 4.3 | ❌ | | CVE-2017-18208 | Medium | 5.5 | linuxlinux-2.6.39.2 | Direct | v4.15-rc2,v3.16.57,v3.18.86,v3.2.102,v4.1.48,v4.14.4,v4.4.104,v4.9.67 | ❌ | | CVE-2013-7446 | Medium | 5.3 | linuxlinux-2.6.39.2 | Direct | 4.3.3 | ❌ | | CVE-2012-2373 | Medium | 5.1 | linuxlinux-2.6.39.2 | Direct | 3.4.5 | ❌ | | CVE-2012-2133 | Medium | 5.1 | linuxlinux-2.6.39.2 | Direct | 3.3.6 | ❌ | | CVE-2012-4565 | Medium | 5.1 | linuxlinux-2.6.39.2 | Direct | v3.7-rc1 | ❌ | | CVE-2011-2183 | Medium | 5.1 | linuxlinux-2.6.39.2 | Direct | 2.6.39.3 | ❌ | | CVE-2013-1957 | Medium | 5.1 | detected in multiple dependencies | Direct | v3.9-rc5 | ❌ | | CVE-2014-3940 | Medium | 5.1 | linuxlinux-2.6.39.2 | Direct | v3.15 | ❌ | | CVE-2011-1479 | Medium | 5.1 | linuxlinux-2.6.39.2 | Direct | 2.6.39 | ❌ | | CVE-2015-8839 | Medium | 5.1 | linuxlinux-2.6.39.2 | Direct | 4.5 | ❌ | | CVE-2013-1772 | Medium | 5.1 | linuxlinux-2.6.39.2 | Direct | 3.4.33 | ❌ | | CVE-2012-1179 | Medium | 4.8 | detected in multiple dependencies | Direct | 3.3.1 | ❌ | | CVE-2013-4345 | Medium | 4.8 | linuxlinux-2.6.39.2 | Direct | v3.13-rc2 | ❌ | | CVE-2020-29372 | Medium | 4.7 | linuxlinux-2.6.39.2 | Direct | v5.7-rc3,v5.6.8 | ❌ | | CVE-2022-39188 | Medium | 4.7 | linuxlinux-2.6.39.2 | Direct | v5.19 | ❌ | | CVE-2016-6213 | Medium | 4.7 | detected in multiple dependencies | Direct | 4.9 | ❌ | | CVE-2020-12114 | Medium | 4.7 | linuxlinux-2.6.39.2 | Direct | v5.3-rc1 | ❌ | | CVE-2019-15292 | Medium | 4.7 | linuxlinux-2.6.39.2 | Direct | v5.1-rc1 | ❌ | | CVE-2019-3016 | Medium | 4.7 | linuxlinux-2.6.39.2 | Direct | v5.6-rc1 | ❌ | | CVE-2023-1582 | Medium | 4.7 | linuxlinux-2.6.39.2 | Direct | v5.10.102,v5.15.25,v5.16.10 | ❌ | | CVE-2014-8086 | Medium | 4.7 | linuxlinux-2.6.39.2 | Direct | python-perf-debuginfo - 3.10.0-229;kernel-headers - 3.10.0-229,3.10.0-229;kernel-debuginfo-common-x86_64 - 3.10.0-229;kernel-doc - 3.10.0-229;kernel-abi-whitelists - 3.10.0-229;kernel-bootwrapper - 3.10.0-229;perf - 3.10.0-229,3.10.0-229;kernel-debuginfo - 3.10.0-229;kernel-debug-devel - 3.10.0-229,3.10.0-229;kernel-tools-libs - 3.10.0-229,3.10.0-229;perf-debuginfo - 3.10.0-229;kernel-debug-debuginfo - 3.10.0-229;kernel-debug - 3.10.0-229,3.10.0-229;kernel-devel - 3.10.0-229,3.10.0-229;kernel - 3.10.0-229,3.10.0-229,3.10.0-229;python-perf - 3.10.0-229,3.10.0-229;kernel-tools - 3.10.0-229,3.10.0-229;kernel-tools-libs-devel - 3.10.0-229,3.10.0-229;kernel-tools-debuginfo - 3.10.0-229 | ❌ | | CVE-2016-7097 | Medium | 4.4 | detected in multiple dependencies | Direct | v4.9-rc1 | ❌ | | CVE-2013-2929 | Medium | 4.0 | linuxlinux-2.6.39.2 | Direct | 3.12.2 | ❌ | | CVE-2013-2148 | Medium | 4.0 | linuxlinux-2.6.39.2 | Direct | v3.11-rc1 | ❌ | | CVE-2013-2546 | Medium | 4.0 | detected in multiple dependencies | Direct | v3.9-rc1 | ❌ | | CVE-2013-2548 | Medium | 4.0 | detected in multiple dependencies | Direct | v3.9-rc1 | ❌ | | CVE-2013-2547 | Medium | 4.0 | detected in multiple dependencies | Direct | v3.9-rc1 | ❌ | | CVE-2017-5967 | Medium | 4.0 | detected in multiple dependencies | Direct | v4.11-rc1 | ❌ | | CVE-2013-1956 | Medium | 4.0 | detected in multiple dependencies | Direct | v3.9-rc5 | ❌ | | CVE-2014-9644 | Medium | 4.0 | detected in multiple dependencies | Direct | 3.18.5 | ❌ | | CVE-2012-4530 | Medium | 4.0 | detected in multiple dependencies | Direct | 3.7.2 | ❌ | | CVE-2014-9731 | Medium | 4.0 | detected in multiple dependencies | Direct | 3.18.2 | ❌ | | CVE-2016-0823 | Medium | 4.0 | linuxlinux-2.6.39.2 | Direct | 3.19.3 | ❌ | | CVE-2020-16166 | Low | 3.7 | linuxlinux-2.6.39.2 | Direct | kernel-debug-modules-extra - 4.18.0-193.37.1;perf - 4.18.0-193.37.1,4.18.0-147.38.1;kernel-zfcpdump-modules-extra - 4.18.0-193.37.1;kernel-debug-devel - 4.18.0-193.37.1,4.18.0-240.8.1,4.18.0-147.38.1,4.18.0-147.38.1,4.18.0-240.8.1,4.18.0-240.8.1,4.18.0-147.38.1,4.18.0-193.37.1,4.18.0-147.38.1,4.18.0-193.37.1,4.18.0-193.37.1,4.18.0-240.8.1;bpftool - 4.18.0-240.8.1,4.18.0-240.8.1,4.18.0-193.37.1,4.18.0-193.37.1,4.18.0-147.38.1,4.18.0-147.38.1,4.18.0-240.8.1,4.18.0-147.38.1,4.18.0-193.37.1,4.18.0-193.37.1,4.18.0-147.38.1,4.18.0-240.8.1;kernel-rt-debug-core - 4.18.0-240.8.1.rt7.62,4.18.0-193.37.1.rt13.87;kernel-tools-libs - 4.18.0-147.38.1,4.18.0-240.8.1,4.18.0-193.37.1,4.18.0-240.8.1,4.18.0-147.38.1,4.18.0-193.37.1,4.18.0-147.38.1,4.18.0-193.37.1,4.18.0-240.8.1;perf-debuginfo - 4.18.0-240.8.1,4.18.0-147.38.1,4.18.0-193.37.1;kernel-cross-headers - 4.18.0-193.37.1,4.18.0-240.8.1,4.18.0-147.38.1,4.18.0-147.38.1,4.18.0-193.37.1,4.18.0-193.37.1,4.18.0-240.8.1,4.18.0-147.38.1,4.18.0-193.37.1,4.18.0-147.38.1,4.18.0-240.8.1,4.18.0-240.8.1;kernel-debug-debuginfo - 4.18.0-193.37.1,4.18.0-240.8.1,4.18.0-147.38.1;kernel-debug - 4.18.0-147.38.1,4.18.0-193.37.1,4.18.0-147.38.1,4.18.0-147.38.1,4.18.0-240.8.1,4.18.0-240.8.1,4.18.0-193.37.1,4.18.0-147.38.1,4.18.0-240.8.1,4.18.0-193.37.1,4.18.0-193.37.1,4.18.0-240.8.1;kernel-devel - 4.18.0-193.37.1,4.18.0-240.8.1,4.18.0-240.8.1,4.18.0-147.38.1,4.18.0-193.37.1,4.18.0-240.8.1,4.18.0-147.38.1,4.18.0-147.38.1,4.18.0-193.37.1,4.18.0-193.37.1,4.18.0-147.38.1,4.18.0-240.8.1;kernel - 4.18.0-240.8.1,4.18.0-147.38.1,4.18.0-193.37.1,4.18.0-240.8.1,4.18.0-193.37.1,4.18.0-240.8.1,4.18.0-147.38.1,4.18.0-193.37.1,4.18.0-193.37.1,4.18.0-147.38.1,4.18.0-147.38.1,4.18.0-240.8.1,4.18.0-147.38.1,4.18.0-240.8.1,4.18.0-193.37.1;bpftool-debuginfo - 4.18.0-240.8.1,4.18.0-147.38.1,4.18.0-193.37.1;kernel-zfcpdump-core - 4.18.0-147.38.1,4.18.0-193.37.1,4.18.0-240.8.1;kernel-debug-core - 4.18.0-240.8.1,4.18.0-147.38.1,4.18.0-193.37.1,4.18.0-240.8.1,4.18.0-193.37.1,4.18.0-193.37.1,4.18.0-147.38.1,4.18.0-193.37.1,4.18.0-240.8.1,4.18.0-147.38.1,4.18.0-240.8.1,4.18.0-147.38.1;kernel-modules-extra - 4.18.0-193.37.1,4.18.0-147.38.1,4.18.0-147.38.1,4.18.0-240.8.1,4.18.0-193.37.1,4.18.0-240.8.1,4.18.0-147.38.1,4.18.0-240.8.1,4.18.0-193.37.1,4.18.0-147.38.1,4.18.0-193.37.1,4.18.0-240.8.1;kernel-rt-debug-devel - 4.18.0-193.37.1.rt13.87,4.18.0-240.8.1.rt7.62;kernel-core - 4.18.0-147.38.1,4.18.0-147.38.1,4.18.0-147.38.1,4.18.0-240.8.1,4.18.0-193.37.1,4.18.0-193.37.1,4.18.0-240.8.1,4.18.0-147.38.1,4.18.0-193.37.1,4.18.0-193.37.1,4.18.0-240.8.1,4.18.0-240.8.1;kernel-rt-debug - 4.18.0-193.37.1.rt13.87,4.18.0-240.8.1.rt7.62;kernel-rt-devel - 4.18.0-240.8.1.rt7.62,4.18.0-193.37.1.rt13.87;python3-perf - 4.18.0-147.38.1,4.18.0-240.8.1,4.18.0-193.37.1,4.18.0-147.38.1,4.18.0-240.8.1,4.18.0-193.37.1,4.18.0-193.37.1,4.18.0-147.38.1,4.18.0-147.38.1,4.18.0-240.8.1,4.18.0-193.37.1,4.18.0-240.8.1;kernel-tools - 4.18.0-193.37.1,4.18.0-240.8.1,4.18.0-240.8.1,4.18.0-147.38.1,4.18.0-147.38.1,4.18.0-240.8.1,4.18.0-193.37.1,4.18.0-193.37.1,4.18.0-147.38.1;kernel-debug-modules - 4.18.0-193.37.1,4.18.0-240.8.1,4.18.0-193.37.1,4.18.0-193.37.1,4.18.0-147.38.1,4.18.0-147.38.1,4.18.0-240.8.1,4.18.0-193.37.1,4.18.0-240.8.1,4.18.0-240.8.1,4.18.0-147.38.1,4.18.0-147.38.1;kernel-rt-debuginfo-common-x86_64 - 4.18.0-240.8.1.rt7.62,4.18.0-193.37.1.rt13.87;kernel-modules - 4.18.0-240.8.1,4.18.0-240.8.1,4.18.0-147.38.1,4.18.0-193.37.1,4.18.0-147.38.1,4.18.0-240.8.1,4.18.0-193.37.1,4.18.0-193.37.1,4.18.0-147.38.1,4.18.0-240.8.1,4.18.0-147.38.1,4.18.0-193.37.1;kernel-tools-debuginfo - 4.18.0-193.37.1,4.18.0-147.38.1,4.18.0-240.8.1;kernel-rt-modules - 4.18.0-240.8.1.rt7.62,4.18.0-193.37.1.rt13.87;kernel-rt-kvm - 4.18.0-193.37.1.rt13.87,4.18.0-240.8.1.rt7.62;kernel-headers - 4.18.0-193.37.1,4.18.0-193.37.1,4.18.0-240.8.1,4.18.0-147.38.1,4.18.0-240.8.1,4.18.0-240.8.1,4.18.0-193.37.1,4.18.0-240.8.1,4.18.0-147.38.1,4.18.0-147.38.1,4.18.0-193.37.1,4.18.0-147.38.1;kernel-debuginfo-common-x86_64 - 4.18.0-240.8.1,4.18.0-193.37.1,4.18.0-147.38.1;kernel-rt - 4.18.0-193.37.1.rt13.87,4.18.0-193.37.1.rt13.87,4.18.0-240.8.1.rt7.62,4.18.0-240.8.1.rt7.62;kernel-zfcpdump - 4.18.0-147.38.1,4.18.0-193.37.1,4.18.0-240.8.1;kernel-rt-debug-modules-extra - 4.18.0-240.8.1.rt7.62,4.18.0-193.37.1.rt13.87;python3-perf-debuginfo - 4.18.0-147.38.1,4.18.0-240.8.1,4.18.0-193.37.1;kernel-rt-modules-extra - 4.18.0-240.8.1.rt7.62,4.18.0-193.37.1.rt13.87;kernel-doc - 4.18.0-193.37.1,4.18.0-147.38.1,4.18.0-240.8.1;kernel-rt-core - 4.18.0-240.8.1.rt7.62,4.18.0-193.37.1.rt13.87;kernel-rt-debug-debuginfo - 4.18.0-193.37.1.rt13.87,4.18.0-240.8.1.rt7.62;kernel-abi-whitelists - 4.18.0-240.8.1,4.18.0-193.37.1,4.18.0-147.38.1;kernel-zfcpdump-modules - 4.18.0-193.37.1,4.18.0-147.38.1,4.18.0-240.8.1;kernel-debug-modules-extra - 4.18.0-240.8.1,4.18.0-147.38.1,4.18.0-147.38.1,4.18.0-193.37.1,4.18.0-193.37.1,4.18.0-147.38.1,4.18.0-147.38.1,4.18.0-193.37.1,4.18.0-240.8.1,4.18.0-240.8.1,4.18.0-240.8.1;kernel-rt-debug-kvm - 4.18.0-240.8.1.rt7.62,4.18.0-193.37.1.rt13.87;kernel-rt-debuginfo - 4.18.0-193.37.1.rt13.87,4.18.0-240.8.1.rt7.62;kernel-rt-debug-modules - 4.18.0-193.37.1.rt13.87,4.18.0-240.8.1.rt7.62;kernel-zfcpdump-devel - 4.18.0-147.38.1,4.18.0-193.37.1,4.18.0-240.8.1;perf - 4.18.0-240.8.1,4.18.0-147.38.1,4.18.0-193.37.1,4.18.0-193.37.1,4.18.0-147.38.1,4.18.0-240.8.1,4.18.0-147.38.1,4.18.0-193.37.1,4.18.0-240.8.1,4.18.0-240.8.1;kernel-zfcpdump-modules-extra - 4.18.0-147.38.1,4.18.0-240.8.1;kernel-debuginfo - 4.18.0-193.37.1,4.18.0-147.38.1,4.18.0-240.8.1 | ❌ | | CVE-2015-8952 | Low | 3.3 | linuxlinux-2.6.39.2 | Direct | 4.6 | ❌ | | CVE-2011-4098 | Low | 2.9 | detected in multiple dependencies | Direct | 3.2 | ❌ | | CVE-2012-3520 | Low | 2.9 | linuxlinux-2.6.39.2 | Direct | 3.2.30 | ❌ | | CVE-2010-4075 | Low | 2.9 | linuxlinux-2.6.39.2 | Direct | 2.6.37-rc1 | ❌ | | CVE-2010-4074 | Low | 2.9 | linuxlinux-2.6.39.2 | Direct | 2.6.36-rc5 | ❌ | | CVE-2010-4077 | Low | 2.9 | linuxlinux-2.6.39.2 | Direct | v2.6.37-rc1 | ❌ | | CVE-2010-4076 | Low | 2.9 | linuxlinux-2.6.39.2 | Direct | v2.6.37-rc1 | ❌ | | CVE-2012-6536 | Low | 2.5 | linuxlinux-2.6.39.2 | Direct | v3.6-rc7,v3.2.31 | ❌ |

Details

Partial details (1 vulnerabilities) are displayed below due to a content size limitation in GitHub. To view information on the remaining vulnerabilities, navigate to the Mend Application.

CVE-2017-7895 ### Vulnerable Library - linuxlinux-2.6.39.2

Apache Software Foundation (ASF)

Library home page: https://mirrors.edge.kernel.org/pub/linux/kernel/v2.6/?wsslib=linux

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (1)

### Vulnerability Details

The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted requests, related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c.

Publish Date: 2017-04-28

URL: CVE-2017-7895

### CVSS 3 Score Details (9.8)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7895

Release Date: 2017-04-28

Fix Resolution: v4.11

mend-for-github-com[bot] commented 1 year ago

:information_source: This issue was automatically closed by Mend because it is a duplicate of an existing issue: #39

mend-for-github-com[bot] commented 1 year ago

:information_source: This issue was automatically closed by Mend because it is a duplicate of an existing issue: #39