CVE-2017-8062

Name of the Vulnerable Software and Affected Versions Linux kernel versions 4.9.x through 4.10.3

Description The issue is caused by a buffer overflow in the drivers/media/usb/dvb-usb/dw2102.c driver of the Linux kernel. It can be exploited by a local attacker who interacts incorrectly with the CONFIG VMAP STACK parameter, potentially causing a denial of service, such as a system crash or memory corruption. The exploitation may also have other unspecified impacts by using more than one virtual page for a DMA scatterlist.

Recommendations For Linux kernel versions 4.9.x through 4.10.3, update to version 4.10.4 or later to resolve the issue. As a temporary workaround, consider restricting interactions with the CONFIG VMAP STACK option to minimize the risk of exploitation.