A high-severity memory corruption flaw in the Linux kernel's t7xx driver could allow a malicious modem to trigger a system crash.

The t7xx_port_enum_msg_handler function fails to validate the port_count field against the actual message length, leading to a slab-out-of-bounds read of up to 262,140 bytes.

The vulnerability can be exploited by a malicious modem to cause a kernel panic, resulting in a Denial of Service (DoS) for the affected system. With a CVSS score of 8.8, the stability of systems utilizing this kernel component is at significant risk.

Immediate Action: Apply the relevant kernel patches (commits 0e7c074cfcd9bd93765505f9eb8b42f03ed2a744, 2b56d7903ab804481f5233a259d5f341e9fd513c, 9855e063e063158cc5bded576382599dc3133202, dd4f4c93c1488d7100b9964f2da4c8b3c29652f1, f94450ce5053b36002995b72d1fa1db3bb08c5bf).

Proactive Monitoring: Monitor system logs for kernel oops or unexpected crash reports related to the t7xx driver.

Compensating Controls: If patching is delayed, ensure hardware security for connected modems to prevent the introduction of malicious messages.

Public Exploit Available: false

System administrators should update their Linux kernel to a version containing the provided fixes. Given the potential for system instability, prioritizing this update is recommended to prevent denial-of-service conditions.