CVE-2017-8627 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Corporation Windows Subsystem FOR Linux

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer6 documents5 sources

Severity

4.7MEDIUMNVD

EPSS

0.6%

top 31.00%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Corporation Windows Subsystem FOR Linux Microsoft Windows 10 Msrc Windows 10 Version 1703 FOR X64-based Systems

Timeline

PublishedAug 8

Latest updateMay 17

Description

Windows Subsystem for Linux in Windows 10 1703, allows a denial of service vulnerability due to the way it handles objects in memory, aka "Windows Subsystem for Linux Denial of Service Vulnerability".

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.0 | Impact: 3.6

Affected Packages3 packages

▶CVEListV5microsoft_corporation/windows_subsystem_for_linuxWindows 10 1703

▶msrcmsrc/windows_10_version_1703_for_x64-based_systems

▶NVDmicrosoft/windows_101703

Patches

Patch: portal.msrc.microsoft.com ↗Patch: portal.msrc.microsoft.com ↗

🔴Vulnerability Details

GHSA

GHSA-34hc-f35h-vj85: Windows Subsystem for Linux in Windows 10 1703, allows a denial of service vulnerability due to the way it handles objects in memory, aka "Windows Sub↗2022-05-17

▶

📋Vendor Advisories

Microsoft

Windows Subsystem for Linux Denial of Service Vulnerability↗2017-08-08

▶

🕵️Threat Intelligence

Talos

Microsoft Patch Tuesday - August 2017↗2017-08-08

▶

Talos

Microsoft Patch Tuesday - August 2017↗2017-08-08

▶