617932 – (CVE-2017-8831) sys-kernel/gentoo-sources: saa7164_bus_get function Denial of Service (CVE-2017-8831)

Bug 617932 (CVE-2017-8831) - sys-kernel/gentoo-sources: saa7164_bus_get function Denial of Service (CVE-2017-8831)

Summary: sys-kernel/gentoo-sources: saa7164_bus_get function Denial of Service (CVE-20...

Status:	RESOLVED FIXED

Alias:	CVE-2017-8831

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo Kernel Security

URL:
Whiteboard:	[cve]
Keywords:

Depends on:
Blocks:

Reported:	2017-05-09 07:14 UTC by GLSAMaker/CVETool Bot
Modified:	2019-03-12 05:31 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description GLSAMaker/CVETool Bot gentoo-dev

2017-05-09 07:14:45 UTC

CVE-2017-8831 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8831):
  The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in
  the Linux kernel through 4.10.14 allows local users to cause a denial of
  service (out-of-bounds array access) or possibly have unspecified other
  impact by changing a certain sequence-number value, aka a "double fetch"
  vulnerability.