CVE-2017-7261

MEDIUM Year: 2017
CVSS v3 Score
5.5
Medium
CVSS v2 Score
4.9
Medium
Weakness Type
CWE-20
View all →

Vulnerability Description

The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.5 does not check for a zero value of certain levels data, which allows local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device.

Related Vulnerabilities

CVE-2008-7316

MEDIUM
CVSS:5.5(Medium)

mm/filemap.c in the Linux kernel before 2.6.25 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers an iovec of zero length, followed by a page fault ...

CWE-202008

CVE-2010-3049

MEDIUM
CVSS:5.5(Medium)

Cisco IOS before 12.2(33)SXI allows local users to cause a denial of service (device reboot).

CWE-202010

CVE-2010-3293

MEDIUM
CVSS:5.5(Medium)

mailscanner can allow local users to prevent virus signatures from being updated

CWE-202010

CVE-2010-5328

MEDIUM
CVSS:5.5(Medium)

include/linux/init_task.h in the Linux kernel before 2.6.35 does not prevent signals with a process group ID of zero from reaching the swapper process, which allows local users to cause a denial of se...

CWE-202010

CVE-2011-0220

MEDIUM
CVSS:5.5(Medium)

Apple Bonjour before 2011 allows a crash via a crafted multicast DNS packet.

CWE-202011