1445328 – (CVE-2017-8070) CVE-2017-8070 kernel: catc.c interacts incorrectly with the CONFIG_VMAP_STACK option

Bug 1445328 (CVE-2017-8070) - CVE-2017-8070 kernel: catc.c interacts incorrectly with the CONFIG_VMAP_STACK option

Summary: CVE-2017-8070 kernel: catc.c interacts incorrectly with the CONFIG_VMAP_STACK...

Keywords:
Status:	CLOSED NOTABUG
Alias:	CVE-2017-8070
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1445344
Blocks:
TreeView+	depends on / blocked

Reported:	2017-04-25 13:43 UTC by Adam Mariš
Modified:	2019-09-29 14:11 UTC (History)
CC List:	28 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2019-06-08 03:11:12 UTC
Embargoed:

Attachments	(Terms of Use)

Description Adam Mariš 2017-04-25 13:43:02 UTC

drivers/net/usb/catc.c in the Linux kernel 4.9.x before 4.9.11
interacts incorrectly with the CONFIG_VMAP_STACK option, which allows
local users to cause a denial of service (system crash or memory
corruption) or possibly have unspecified other impact by leveraging
use of more than one virtual page for a DMA scatterlist.

Upstream patch:

https://github.com/torvalds/linux/commit/2d6a0e9de03ee658a9adc3bfb2f0ca55dff1e478

Comment 1 Adam Mariš 2017-04-25 13:53:03 UTC

Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 1445344]

Comment 2 Justin M. Forbes 2017-04-25 21:37:33 UTC

All Fedora releases have been on 4.10.x or newer for some time now.

Note You need to log in before you can comment on or make changes to this bug.

aquini
bhu
dhoward
fhrbata
gansalmon
hwkernel-mgr
iboverma
ichavero
itamar
jforbes
jkacur
jonathan
jross
jwboyer
kernel-maint
kernel-mgr
labbott
lgoncalv
madhu.chinakonda
matt
mchehab
mcressma
nmurray
pholasek
plougher
rt-maint
rvrbovsk
williams