Integer overflow vulnerability in Linux kernel's vfio_pci_intrs.c file

Integer overflow vulnerability in Linux kernel's vfio_pci_intrs.c file

CVE-2016-9084 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel through 4.8.11 misuses the kzalloc function, which allows local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device file.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.