Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.6
CVSSv3

CVE-2017-16538

Published: 04/11/2017 Updated: 24/08/2018
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 6.6 | Impact Score: 5.9 | Exploitability Score: 0.7
VMScore: 641
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

drivers/media/usb/dvb-usb-v2/lmedm04.c in the Linux kernel up to and including 4.13.11 allows local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device, related to a missing warm-start check and incorrect attach timing (dm04_lme2510_frontend_attach versus dm04_lme2510_tuner).

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

Vendor Advisories

Ubuntu Security Notice: linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux-lts-xenial, linux-aws vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux vulnerabilities
Several security issues were fixed in the Linux kernel ...
Debian Security Advisories: DSA-4073-1 linux -- security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2017-8824 Mohamed Ghannam discovered that the DCCP implementation did not correctly manage resources when a socket is disconnected and reconnected, potentially leading to a use-after-free ...
Arch Linux Issues:
drivers/media/usb/dvb-usb-v2/lmedm04c in the Linux kernel through 41311 allows local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device, related to a missing warm-start check and incorrect attach timing (dm04_lme2510_frontend_attach versus dm04_lme2510 ...

References

CWE-20https://patchwork.linuxtv.org/patch/44567/https://patchwork.linuxtv.org/patch/44566/https://groups.google.com/d/msg/syzkaller/XwNidsl4X04/ti6I2IaRBAAJhttps://www.debian.org/security/2017/dsa-4073http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.htmlhttps://www.debian.org/security/2018/dsa-4082https://usn.ubuntu.com/3631-2/https://usn.ubuntu.com/3631-1/https://usn.ubuntu.com/3754-1/https://nvd.nist.govhttps://usn.ubuntu.com/3631-1/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316SQL injectiontype confusionCVE-2024-20697CVE-2024-4344localCVE-2024-30043CVE-2024-3821CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook