CVE-2017-8063

Name of the Vulnerable Software and Affected Versions Linux kernel versions 4.9.x through 4.10.x before 4.10.12

Description The issue is caused by a buffer overflow in the drivers/media/usb/dvb-usb/cxusb.c driver of the Linux kernel. It can be exploited by a local attacker who interacts incorrectly with the CONFIG VMAP STACK parameter, potentially causing a denial of service, such as a system crash, or possibly other unspecified impacts. This is achieved by leveraging the use of more than one virtual page for a DMA scatterlist.

Recommendations For Linux kernel versions 4.9.x through 4.10.x before 4.10.12, update to version 4.10.12 or later to resolve the issue.