CVE-2017-5577
Description
The vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 does not set an errno value upon certain overflow detections, which allows local users to cause a denial of service (incorrect pointer dereference and OOPS) via inconsistent size values in a VC4_SUBMIT_CL ioctl call.
Risk Information
Base Score
5.5
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.04
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Linux kernel (USN-3326-1) linux-image-virtual_4.8.0.56.69_i386.deb | Linux |
| Linux kernel (USN-3326-1) linux-image-virtual_4.8.0.56.69_amd64.deb | Linux |
| Linux kernel (USN-3326-1) linux-image-4.8.0-56-generic_4.8.0-56.61_i386.deb | Linux |
| Linux kernel (USN-3326-1) linux-image-4.8.0-56-generic_4.8.0-56.61_amd64.deb | Linux |
| Linux kernel (USN-3326-1) linux-image-4.8.0-56-lowlatency_4.8.0-56.61_i386.deb | Linux |
| Linux kernel (USN-3326-1) linux-image-4.8.0-56-lowlatency_4.8.0-56.61_amd64.deb | Linux |
| Linux hardware enablement (HWE) kernel (USN-3333-1) linux-image-4.8.0-56-generic_4.8.0-56.61~16.04.1_i386.deb | Linux |
| Linux hardware enablement (HWE) kernel (USN-3333-1) linux-image-4.8.0-56-generic_4.8.0-56.61~16.04.1_amd64.deb | Linux |
| Linux hardware enablement (HWE) kernel (USN-3333-1) linux-image-generic-hwe-16.04_4.8.0.56.27_i386.deb | Linux |
| Linux hardware enablement (HWE) kernel (USN-3333-1) linux-image-generic-hwe-16.04_4.8.0.56.27_amd64.deb | Linux |
| Linux hardware enablement (HWE) kernel (USN-3333-1) linux-image-4.8.0-56-lowlatency_4.8.0-56.61~16.04.1_i386.deb | Linux |
| Linux hardware enablement (HWE) kernel (USN-3333-1) linux-image-4.8.0-56-lowlatency_4.8.0-56.61~16.04.1_amd64.deb | Linux |
| Linux hardware enablement (HWE) kernel (USN-3333-1) linux-image-lowlatency-hwe-16.04_4.8.0.56.27_i386.deb | Linux |
| Linux hardware enablement (HWE) kernel (USN-3333-1) linux-image-lowlatency-hwe-16.04_4.8.0.56.27_amd64.deb | Linux |
| Linux kernel (USN-3342-1) linux-image-4.8.0-58-generic_4.8.0-58.63_i386.deb | Linux |
| Linux kernel (USN-3342-1) linux-image-4.8.0-58-generic_4.8.0-58.63_amd64.deb | Linux |
| Linux kernel (USN-3342-1) linux-image-4.8.0-58-lowlatency_4.8.0-58.63_i386.deb | Linux |
| Linux kernel (USN-3342-1) linux-image-4.8.0-58-lowlatency_4.8.0-58.63_amd64.deb | Linux |
| Linux hardware enablement (HWE) kernel (USN-3342-2) linux-image-4.8.0-58-generic_4.8.0-58.63~16.04.1_i386.deb | Linux |
| Linux hardware enablement (HWE) kernel (USN-3342-2) linux-image-4.8.0-58-generic_4.8.0-58.63~16.04.1_amd64.deb | Linux |
| Linux hardware enablement (HWE) kernel (USN-3342-2) linux-image-4.8.0-58-lowlatency_4.8.0-58.63~16.04.1_i386.deb | Linux |
| Linux hardware enablement (HWE) kernel (USN-3342-2) linux-image-4.8.0-58-lowlatency_4.8.0-58.63~16.04.1_amd64.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234