2 matches found
SUSE CVE-2017-1000363
Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parportptr integer is static, a 'secure boot' kernel command line adversary can happen due to bootloader vulns, e.g. Google Nexus 6's CVE-2016-10277, where due to a vulnerability the adversary has partia...
The vulnerability of the lp_setup() function in the Secure Boot environment loader of the Linux operating system allows a hacker to cause a system failure.
The vulnerability of the lpsetup function, a loader for the Secure Boot mechanism in Linux kernel, arises from writing beyond buffer boundaries. The Linux driver/char/lp.c code does not perform boundary checking on the parportnr array. Exploiting this vulnerability could allow an attacker to caus...