Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.5
CVSSv3

CVE-2017-17975

Published: 30/12/2017 Updated: 24/05/2018
CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 436
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Subscribe to Linux Kernel

Vulnerability Summary

Use-after-free in the usbtv_probe function in drivers/media/usb/usbtv/usbtv-core.c in the Linux kernel up to and including 4.14.10 allows malicious users to cause a denial of service (system crash) or possibly have unspecified other impact by triggering failure of audio registration, because a kfree of the usbtv data structure occurs during a usbtv_video_free call, but the usbtv_video_fail label's code attempts to both access and free this data structure.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

Vendor Advisories

Debian Security Advisories: DSA-4188-1 linux -- security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2017-5715 Multiple researchers have discovered a vulnerability in various processors supporting speculative execution, enabling an attacker controlling an unprivileged process to read mem ...
Ubuntu Security Notice: linux-raspi2 vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux-raspi2, linux-snapdragon vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux-lts-xenial, linux-aws vulnerabilities
Several security issues were addressed in the Linux kernel ...
Ubuntu Security Notice: linux-hwe, linux-azure, linux-gcp, linux-oem vulnerabilities
Several security issues were addressed in the Linux kernel ...
Ubuntu Security Notice: linux, linux-aws, linux-kvm, vulnerabilities
Several security issues were addressed in the Linux kernel ...
Ubuntu Security Notice: linux vulnerabilities
Several security issues were addressed in the Linux kernel ...
Red Hat: CVE-2017-17975
A use-after-free fault in the Linux kernel's usbtv driver could allow an attacker to cause a denial of service (system crash), or have unspecified other impacts, by triggering failure of audio registration of USB hardware using the usbtv kernel module ...

References

CWE-416http://linuxtesting.org/pipermail/ldv-project/2017-November/001008.htmlhttp://www.securityfocus.com/bid/102330https://www.debian.org/security/2018/dsa-4188https://usn.ubuntu.com/3654-2/https://usn.ubuntu.com/3654-1/https://usn.ubuntu.com/3653-2/https://usn.ubuntu.com/3653-1/https://usn.ubuntu.com/3657-1/https://usn.ubuntu.com/3656-1/https://nvd.nist.govhttps://www.debian.org/security/./dsa-4188https://usn.ubuntu.com/3657-1/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryptionCVE-2024-4331CVE-2024-26925arbitrary codeCVE-2006-4304CVE-2024-25458CVE-2024-27077reflected XSSCVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook