Medium severity6.4NVD Advisory· Published May 8, 2017· Updated May 13, 2026

CVE-2017-8831

Description

The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a "double fetch" vulnerability.

Affected products

Canonical/Ubuntu Linux
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
Debian/Debian Linux
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
Linux/Kernel
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Range: <=4.11.5

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/stoth68000/media-tree/commit/354dd3924a2e43806774953de536257548b5002cnvdPatchThird Party Advisory
www.securityfocus.com/archive/1/540770/30/0/threadednvdThird Party AdvisoryVDB Entry
www.securityfocus.com/bid/99619nvdThird Party AdvisoryVDB Entry
lists.debian.org/debian-lts-announce/2017/12/msg00004.htmlnvdMailing ListThird Party Advisory
usn.ubuntu.com/3754-1/nvdThird Party Advisory
bugzilla.kernel.org/show_bug.cginvdIssue Tracking

News mentions

No linked articles in our index yet.

cvss	0.416
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000