CVE-2017-1000363

CVSS v3.1 7.8 (High)

CVSS v2.0 7.2 (High)

EPSS 0.04 % (13^th)

Affected Products 2

Advisories 16

Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a 'secure boot' kernel command line adversary (can happen due to bootloader vulns, e.g. Google Nexus 6's CVE-2016-10277, where due to a vulnerability the adversary has partial control over the command line) can overflow the parport_nr array in the following code, by appending many (>LP_NO) 'lp=none' arguments to the command line.

Weaknesses

CWE-787: Out-of-bounds Write

Related CVEs

CVE-2016-10277

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2017-07-17 13:18:18
(7 years ago)
Updated Date: 2023-01-17 21:03:53
(20 months ago)

Affected Products

Debian

Debian Linux

Linux

Linux Kernel

Configuration #1

	CPE23	From	Up To
Linux Kernel from 2.6.12 version and prior 3.2.91 version	cpe:2.3:o:linux:linux_kernel	>= 2.6.12	< 3.2.91
Linux Kernel from 3.3 version and prior 3.10.106 version	cpe:2.3:o:linux:linux_kernel	>= 3.3	< 3.10.106
Linux Kernel from 3.11 version and prior 3.16.46 version	cpe:2.3:o:linux:linux_kernel	>= 3.11	< 3.16.46
Linux Kernel from 3.17 version and prior 3.18.55 version	cpe:2.3:o:linux:linux_kernel	>= 3.17	< 3.18.55
Linux Kernel from 3.19 version and prior 4.1.41 version	cpe:2.3:o:linux:linux_kernel	>= 3.19	< 4.1.41
Linux Kernel from 4.2 version and prior 4.4.70 version	cpe:2.3:o:linux:linux_kernel	>= 4.2	< 4.4.70
Linux Kernel from 4.5 version and prior 4.9.30 version	cpe:2.3:o:linux:linux_kernel	>= 4.5	< 4.9.30
Linux Kernel from 4.10 version and prior 4.11.3 version	cpe:2.3:o:linux:linux_kernel	>= 4.10	< 4.11.3
Linux Kernel 4.12 Rc1	cpe:2.3:o:linux:linux_kernel:4.12:rc1

Configuration #2

		CPE23	From	Up To
	Debian Linux 8.0	cpe:2.3:o:debian:debian_linux:8.0