Security Advisory
CVE-2017-1000363
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a secure boot kernel command line adversary (can happen due to bootloader vulns, e.g. Google Nexus 6s CVE-2016-10277, where due to a vulnerability the adversary has partial control over the command line) can overflow the parport_nr array in the following code, by appending many (>LP_NO) lp=none arguments to the command line.