3 matches found
CVE-2016-7425
The arcmsriopmessagexfer function in drivers/scsi/arcmsr/arcmsrhba.c in the Linux kernel through 4.8.2 does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service heap-based buffer overflow via an ARCMSRMESSAGEWRITEWQBUFFER control code...
CVE-2016-7425
CVE-2016-7425 affects the Linux kernel component arcmsr_iop_message_xfer in drivers/scsi/arcmsr/arcmsr_hba.c. The vulnerability arises because a length field is not properly restricted, enabling a local user to trigger a heap-based buffer overflow via the ARCMSR_MESSAGE_WRITE_WQBUFFER control cod...
CVE-2016-7425
The arcmsriopmessagexfer function in drivers/scsi/arcmsr/arcmsrhba.c in the Linux kernel through 4.8.2 does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service heap-based buffer overflow via an ARCMSRMESSAGEWRITEWQBUFFER control code...