Candidate: CVE-2017-6952
PublicDate: 2017-03-16 21:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6952
 https://github.com/aquynh/capstone/commit/6fe86eef621b9849f51a5e1e5d73258a93440403
Description:
 Integer overflow in the cs_winkernel_malloc function in winkernel_mm.c in
 Capstone 3.0.4 and earlier allows attackers to cause a denial of service
 (heap-based buffer overflow in a kernel driver) or possibly have
 unspecified other impact via a large value.
Ubuntu-Description:
Notes:
 ratliff> Windows-specific
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H [8.8 HIGH]

Patches_capstone:
upstream_capstone: needs-triage
precise_capstone: DNE
trusty_capstone: DNE
trusty/esm_capstone: DNE
vivid/stable-phone-overlay_capstone: DNE
vivid/ubuntu-core_capstone: DNE
xenial_capstone: not-affected
yakkety_capstone: not-affected
devel_capstone: not-affected