Published: 04/11/2017 Updated: 01/04/2024

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

CVSS v3 Base Score: 6.6 | Impact Score: 5.9 | Exploitability Score: 0.7

VMScore: 641

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

The usb_serial_console_disconnect function in drivers/usb/serial/console.c in the Linux kernel prior to 4.13.8 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device, related to disconnection and failed setup.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel
debian debian linux 7.0
canonical ubuntu linux 14.04
canonical ubuntu linux 12.04

Several security issues were fixed in the Linux kernel ...

The usb_serial_console_disconnect function in drivers/usb/serial/consolec in the Linux kernel, before 4138, allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device, related to disconnection and failed setup ...

The usb_serial_console_disconnect function in drivers/usb/serial/consolec in the Linux kernel before 4138 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device, related to disconnection and failed setup ...

CWE-416 https://groups.google.com/d/msg/syzkaller/cMACrmo1x0k/4KhRoUgABAAJ https://github.com/torvalds/linux/commit/bd998c2e0df0469707503023d50d46cf0b10c787 https://github.com/torvalds/linux/commit/299d7572e46f98534033a9e65973f13ad1ce9047 http://www.securityfocus.com/bid/102028 https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html https://usn.ubuntu.com/3583-2/https://usn.ubuntu.com/3583-1/https://nvd.nist.gov https://usn.ubuntu.com/3485-1/

CVE-2017-16525

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect