Published: 04/11/2017 Updated: 12/03/2024

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

CVSS v3 Base Score: 6.6 | Impact Score: 5.9 | Exploitability Score: 0.7

VMScore: 641

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

The usbhid_parse function in drivers/hid/usbhid/hid-core.c in the Linux kernel prior to 4.13.8 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel
debian debian linux 7.0
canonical ubuntu linux 14.04

Several security issues were fixed in the Linux kernel ...

The usbhid_parse function in drivers/hid/usbhid/hid-corec in the Linux kernel before 4138 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device ...

CWE-125 https://groups.google.com/d/msg/syzkaller/CxkJ9QZgwlM/O3IOvAaGAwAJ https://github.com/torvalds/linux/commit/f043bfc98c193c284e2cd768fefabe18ac2fed9b http://www.securityfocus.com/bid/102026 https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html https://usn.ubuntu.com/3754-1/https://nvd.nist.gov https://usn.ubuntu.com/3485-1/

CVE-2017-16533

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect