VYPR
← All advisories
High severity7.8NVD Advisory· Published Apr 23, 2017· Updated May 13, 2026

CVE-2017-8061

CVE-2017-8061

Description

drivers/media/usb/dvb-usb/dvb-usb-firmware.c in the Linux kernel 4.9.x and 4.10.x before 4.10.7 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.

Affected products

28
  • Linux/Kernel25 versions
    cpe:2.3:o:linux:linux_kernel:4.10:*:*:*:*:*:*:*+ 24 more
    • cpe:2.3:o:linux:linux_kernel:4.10:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:4.10.1:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:4.10.2:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:4.10.4:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:4.10.5:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:4.10.6:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:4.9:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:4.9.1:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:4.9.10:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:4.9.11:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:4.9.12:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:4.9.13:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:4.9.14:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:4.9.15:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:4.9.16:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:4.9.17:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:4.9.18:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:4.9.19:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:4.9.2:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:4.9.3:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:4.9.4:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:4.9.5:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:4.9.6:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:4.9.8:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:4.9.9:*:*:*:*:*:*:*
  • osv-coords3 versions
    pkg:deb/ubuntu/linux-flo@3.4.0-5.23?arch=source&distro=esm-apps/xenialpkg:deb/ubuntu/linux-goldfish@3.4.0-4.27?arch=source&distro=esm-apps/xenialpkg:deb/ubuntu/linux-mako@3.4.0-7.44?arch=source&distro=esm-apps/xenial
    >= 0+ 2 more
    • (no CPE)range: >= 0
    • (no CPE)range: >= 0
    • (no CPE)range: >= 0

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

5

News mentions

0

No linked articles in our index yet.