CVE-2017-8068

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.9.11

Description The issue is caused by a buffer overflow in the Linux kernel's drivers/net/usb/pegasus.c driver. It can be exploited by a local attacker who interacts incorrectly with the CONFIG VMAP STACK parameter, potentially causing a denial of service, such as a system crash or memory corruption. The exploitation may involve using more than one virtual page for a DMA scatterlist.

Recommendations For Linux kernel versions prior to 4.9.11, update to version 4.9.11 or later to resolve the issue. As a temporary workaround, consider restricting interactions with the CONFIG VMAP STACK option to minimize the risk of exploitation.