CVE
CVE-2017-8065
crypto/ccm.c in the Linux kernel 4.9.x and 4.10.x through 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory...
crypto/ccm.c in the Linux kernel 4.9.x and 4.10.x through 4.10.12 interacts incorrectly with the CONFIGVMAPSTACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.
Package Versions Affected
Package Version
patch Availability
No items found.
Automatically patch vulnerabilities without upgrading
Fix Without Upgrading
Detect compatible fix
Apply safe remediation
Fix with a single pull request
CVSS Version
Severity
Base Score
CVSS Version
Score Vector
C
H
U
7.8
-
3.0
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
C
H
U
7.8
-
3.0
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
C
H
U
-
Related Resources
No items found.
References
http://www.openwall.com/lists/oss-security/2017/04/16/4, http://www.securityfocus.com/bid/97994, http://www.openwall.com/lists/oss-security/2017/04/16/4, https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3b30460c5b0ed762be75a004e924ec3f8711e032, https://github.com/torvalds/linux/commit/3b30460c5b0ed762be75a004e924ec3f8711e032, http://www.openwall.com/lists/oss-security/2017/04/16/4
Basic Information
Ecosystem
