Published: 04/11/2017 Updated: 14/03/2024

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

CVSS v3 Base Score: 6.6 | Impact Score: 5.9 | Exploitability Score: 0.7

VMScore: 641

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

sound/core/seq_device.c in the Linux kernel prior to 4.13.4 allows local users to cause a denial of service (snd_rawmidi_dev_seq_free use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel
canonical ubuntu linux 14.04
canonical ubuntu linux 16.04

Several security issues were fixed in the Linux kernel ...

The sound/core/seq_devicec in the Linux kernel, before 4134, allows local users to cause a denial of service (snd_rawmidi_dev_seq_free use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device ...

sound/core/seq_devicec in the Linux kernel before 4134 allows local users to cause a denial of service (snd_rawmidi_dev_seq_free use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device ...

CWE-416 https://groups.google.com/d/msg/syzkaller/kuZzDHGkQu8/5du20rZEAAAJ https://github.com/torvalds/linux/commit/fc27fe7e8deef2f37cba3f2be2d52b6ca5eb9d57 https://usn.ubuntu.com/3619-1/https://usn.ubuntu.com/3619-2/https://nvd.nist.gov https://usn.ubuntu.com/3619-2/

CVE-2017-16528

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect