Bugzilla – Bug 1035681
VUL-0: CVE-2017-8064: kernel-source: drivers/media/usb/dvb-usb-v2/dvb_usb_core.c in the Linux kernel 4.9.x and 4.10.xbefore 4.10.12 inte...
Last modified: 2017-04-28 11:26:32 UTC
drivers/media/usb/dvb-usb-v2/dvb_usb_core.c in the Linux kernel 4.9.x and 4.10.x
before 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which
allows local users to cause a denial of service (system crash or memory
corruption) or possibly have unspecified other impact by leveraging use of more
than one virtual page for a DMA scatterlist.
"struct device device" seems to be there for some time
CONFIG_VMAP_STACK is new in 4.9, and it's already fixed in the recent 4.10.x.
We are unaffected.
Reassigned back to security team. Feel free to close.
fixed upstream, no current SUSE or openSUSE affected