CVE-2017-5706: Buffer Overflow
First published: Tue Nov 21 2017(Updated: )
Multiple buffer overflows in kernel in Intel Server Platform Services Firmware 4.0 allow attacker with local access to the system to execute arbitrary code.
Credit: secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Intel Server Platform Services Firmware | =4.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
- http://www.securityfocus.com/bid/101906
- http://www.securitytracker.com/id/1039955
- https://cert-portal.siemens.com/productcert/pdf/ssa-892715.pdf
- https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr
- https://security.netapp.com/advisory/ntap-20171120-0001/
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03798en_us
- https://twitter.com/PTsecurity_UK/status/938447926128291842
- https://www.asus.com/News/wzeltG5CjYaIwGJ0
- https://www.theregister.com/2024/08/27/intel_root_key_xeons/
Frequently Asked Questions
What is CVE-2017-5706?
CVE-2017-5706 is a vulnerability in Intel Server Platform Services Firmware that allows an attacker with local access to the system to execute arbitrary code.
What is the severity of CVE-2017-5706?
CVE-2017-5706 has a severity rating of 7.8 (high).
How does CVE-2017-5706 affect Intel Server Platform Services Firmware?
CVE-2017-5706 affects Intel Server Platform Services Firmware version 4.0.
Is there a fix for CVE-2017-5706?
Yes, updating Intel Server Platform Services Firmware to a version newer than 4.0 will fix CVE-2017-5706.
Where can I find more information about CVE-2017-5706?
More information about CVE-2017-5706 can be found at the following references: [Oracle Security Advisory](http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html), [SecurityFocus](http://www.securityfocus.com/bid/101906), [SecurityTracker](http://www.securitytracker.com/id/1039955).
- collector/nvd-index
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- collector/the-register
- source/The Register
- alias/CVE-2017-5705
- alias/CVE-2017-5706
- alias/CVE-2017-5707
- alias/CVE-2019-0090
- agent/severity
- agent/remedy
- agent/references
- agent/author
- agent/weakness
- agent/tags
- agent/event
- agent/description
- collector/mitre-cve
- source/MITRE
- vendor/intel
- canonical/intel server platform services firmware
- version/intel server platform services firmware/4.0