Lucene search

K
ubuntucveUbuntu.comUB:CVE-2017-5576
HistoryFeb 06, 2017 - 12:00 a.m.

CVE-2017-5576

2017-02-0600:00:00
ubuntu.com
ubuntu.com
4

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.3%

Integer overflow in the vc4_get_bcl function in
drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux
kernel before 4.9.7 allows local users to cause a denial of service or
possibly have unspecified other impact via a crafted size value in a
VC4_SUBMIT_CL ioctl call.

Notes

Author Note
jdstrand android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support
tyhicks See lkml.org link for the proposed fix. As of 2017-01-25, the fix has not been committed upstream.
OSVersionArchitecturePackageVersionFilename
ubuntu16.10noarchlinux< 4.8.0-59.64UNKNOWN
ubuntu16.10noarchlinux-raspi2< 4.8.0-1043.47UNKNOWN
ubuntu16.04noarchlinux-hwe< 4.10.0-27.30~16.04.2UNKNOWN
ubuntu16.04noarchlinux-hwe-edge< 4.10.0-27.30~16.04.2UNKNOWN

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.3%