Published: 08/05/2017 Updated: 01/06/2021

CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4

CVSS v3 Base Score: 6.4 | Impact Score: 5.9 | Exploitability Score: 0.5

VMScore: 615

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel up to and including 4.11.5 allows local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a "double fetch" vulnerability.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel
canonical ubuntu linux 14.04
debian debian linux 7.0

Several security issues were fixed in the Linux kernel ...

Buffer overflow in mp_override_legacy_irq():Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/bootc in the Linux kernel through 4122 allows local users to gain privileges via a crafted ACPI table (CVE-2017-11473) A race between inotify_handle_event() and sys_rename():A race condition was found in the Linux kernel, ...

The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-busc in the Linux kernel through 41014 allows local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a "double fetch" vulnerability ...

CWE-125 https://bugzilla.kernel.org/show_bug.cgi?id=195559 https://github.com/stoth68000/media-tree/commit/354dd3924a2e43806774953de536257548b5002c http://www.securityfocus.com/archive/1/540770/30/0/threaded http://www.securityfocus.com/bid/99619 https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html https://usn.ubuntu.com/3754-1/https://nvd.nist.gov https://usn.ubuntu.com/3754-1/

CVE-2017-8831

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect