Lisandro Damián Nicanor Pérez Meyer

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 4.9.11 **Description** The issue is caused by a buffer overflow in the Linux kernel's drivers/net/usb/pegasus.c driver. It can be exploited by a local attacker who interacts incorrectly with the `CONFIG VMAP STACK` parameter, potentially causing a denial of service, such as a system crash or memory corruption. The exploitation may involve using more than one virtual page for a DMA scatterlist. **Recommendations** For Linux kernel versions prior to 4.9.11, update to version 4.9.11 or later to resolve the issue. As a temporary workaround, consider restricting interactions with the `CONFIG VMAP STACK` option to minimize the risk of exploitation.