VDB

CVE-2017-5576

CVE-2017-5576 PUBLISHED

Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4_SUBMIT_CL ioctl call.

EPSS 0.04% · 11.6th percentile

Risk Scores

EPSS Score
0.04%
11.6th percentile

Affected Products

VendorProductVersions
Ubuntu:22.04:LTSlinux-riscv5.15.0-1008.8, 0, 5.15.0-1011.12
Ubuntu:18.04:LTSlinux-azure4.18.0-1025.27~18.04.1, 5.0.0-1014.14~18.04.1, 5.0.0-1016.17~18.04.1
Ubuntu:20.04:LTSlinux-azure-fde5.4.0-1086.91+cvm1.1, 5.4.0-1085.90+cvm2.1, 5.4.0-1083.87+cvm1.1
Ubuntu:18.04:LTSlinux-gcp4.15.0-1024.25, 5.0.0-1028.29~18.04.1, 4.15.0-1023.24
Ubuntu:18.04:LTSlinux-hwe5.0.0-25.26~18.04.1, 0, 4.18.0-13.14~18.04.1
Ubuntu:22.04:LTSlinux-realtime5.15.0-1032.35, 0
Ubuntu:24.04:LTSlinux-raspi-realtime0, 6.8.0-2019.20
Ubuntu:20.04:LTSlinux-gke5.4.0-1052.55, 5.4.0-1056.59, 5.4.0-1057.60
Ubuntu:20.04:LTSlinux-raspi25.3.0-1017.19, 5.3.0-1014.16, 5.3.0-1007.8
Ubuntu:16.04:LTSlinux-hwe4.8.0-52.55~16.04.1, 4.10.0-30.34~16.04.1, 4.8.0-58.63~16.04.1
Ubuntu:20.04:LTSlinux-riscv5.4.0-36.41, 5.4.0-34.38, 5.4.0-24.28
Ubuntu:22.04:LTSlinux-intel-iot-realtime0, 5.15.0-1073.75

Timeline

  • Feb 6, 2017 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Oct 26, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • Feb 28, 2022 EPSS Score
  • May 2, 2022 EPSS Score
  • Jul 3, 2022 EPSS Score
  • Sep 5, 2022 EPSS Score
  • Nov 6, 2022 EPSS Score
  • Jan 8, 2023 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›