PT-2017-1925 · Linux+2 · Linux Kernel+2

Published: 2017-04-22 · Updated: 2023-02-24 · CVE-2017-8067

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions 4.9.x and 4.10.x before 4.10.12

Description

The issue is caused by incorrect interaction with the CONFIG_VMAP_STACK option in the drivers/char/virtio_console.c file, allowing local users to cause a denial of service, such as a system crash or memory corruption, by leveraging the use of more than one virtual page for a DMA scatterlist. This can be achieved by exploiting a buffer overflow in memory.

Recommendations

For Linux kernel versions 4.9.x and 4.10.x before 4.10.12, update to version 4.10.12 or later to resolve the issue. As a temporary workaround, consider disabling the CONFIG_VMAP_STACK option until a patch is available. Restrict access to the drivers/char/virtio_console.c file to minimize the risk of exploitation.
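
A triage check for the version range and the configuration option named above, as an added example that is not part of the original advisory. The function names, the verdict words and the `/boot/config-<release>` path are assumptions. Distribution kernels can carry backported fixes under an older version string, so confirm an "exposed" result against the vendor advisories listed under Related Identifiers.

```shell
#!/bin/sh
# Added example (not from the advisory). Function names are hypothetical.

# in_affected_range RELEASE: exit 0 if RELEASE (as printed by `uname -r`)
# is 4.9.x, or 4.10.x before 4.10.12, the range the advisory states.
in_affected_range() {
    ver=${1%%[-+_]*}                 # drop distro suffix: 4.10.8-19-generic -> 4.10.8
    major=${ver%%.*}
    rest=${ver#*.}
    if [ "$rest" = "$ver" ]; then return 1; fi      # no minor component
    minor=${rest%%.*}
    patch=${rest#*.}
    if [ "$patch" = "$rest" ]; then patch=0; fi     # "4.10" means 4.10.0
    patch=${patch%%.*}
    for n in "$major" "$minor" "$patch"; do
        case $n in ''|*[!0-9]*) return 1 ;; esac    # reject non-numeric parts
    done
    if [ "$major" -ne 4 ]; then return 1; fi
    if [ "$minor" -eq 9 ]; then return 0; fi
    if [ "$minor" -eq 10 ] && [ "$patch" -lt 12 ]; then return 0; fi
    return 1
}

# config_has FILE OPTION: exit 0 if OPTION is built in (=y) or a module (=m).
config_has() {
    grep -Eq "^$2=[ym]\$" "$1"
}

# assess RELEASE CONFIG_FILE: print one verdict word.
assess() {
    if ! in_affected_range "$1"; then echo outside-range; return 0; fi
    if [ ! -r "$2" ]; then echo config-unreadable; return 0; fi
    # CONFIG_VIRTIO_CONSOLE is the Kconfig symbol that builds virtio_console.c.
    if ! config_has "$2" CONFIG_VIRTIO_CONSOLE; then echo driver-not-built; return 0; fi
    if config_has "$2" CONFIG_VMAP_STACK; then echo exposed; else echo vmap-stack-off; fi
}

# Check the running host; /boot/config-<release> is an assumed config location.
if [ "${1:-}" = "--host" ]; then
    assess "$(uname -r)" "/boot/config-$(uname -r)"
fi
```

Run with `--host` to assess the running kernel, or call `assess` with a release string and a saved kernel config file.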

Fix

DoS

Buffer Overflow

Memory Corruption

Weakness Enumeration

Related Identifiers

ALT-PU-2017-1507
ALT-PU-2017-1508
BDU:2017-01085
CVE-2017-8067
USN-3314-1

Affected Products

Alt Linux
Linux Kernel
Ubuntu