The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel prior to 4.5 allows physically proximate malicious users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a (1) bulk-in or (2) interrupt-in endpoint.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
linux linux kernel |
||
linux linux kernel 4.5.0 |
||
suse linux enterprise debuginfo 11 |
||
suse linux enterprise module for public cloud 12 |
||
suse linux enterprise desktop 12 |
||
suse linux enterprise real time extension 11 |
||
suse linux enterprise real time extension 12 |
||
suse linux enterprise server 11 |
||
suse linux enterprise server 12 |
||
suse linux enterprise software development kit 11 |
||
suse linux enterprise software development kit 12 |
||
suse linux enterprise workstation extension 12 |
Vulmon