cpe:/o:debian:debian_linux:9.0 cpe:/o:linux:linux_kernel:4.14.8 CVE-2017-16995 2017-12-27T12:08:17.670-05:00 2018-07-27T21:29:03.270-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov BID 102288 EXPLOIT-DB 44298 EXPLOIT-DB 45010 EXPLOIT-DB 45058 DEBIAN DSA-4073 UBUNTU USN-3523-2 UBUNTU USN-3619-1 UBUNTU USN-3619-2 UBUNTU USN-3633-1 MISC http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=95a762e2c8c942780948091f8f2a4f32fce1ac6f MISC http://openwall.com/lists/oss-security/2017/12/21/2 MISC https://bugs.chromium.org/p/project-zero/issues/detail?id=1454 MISC https://github.com/torvalds/linux/commit/95a762e2c8c942780948091f8f2a4f32fce1ac6f The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect sign extension.