drivers/vfio/pci/vfio_pci.c in the Linux kernel up to and including 4.8.11 allows local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIO_DEVICE_SET_IRQS ioctl call, aka a "state machine confusion bug."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel |