Note:
This project will be discontinued after December 13, 2021. [more]
2017-11-04
The get_endpoints function in drivers/usb/misc/usbtest.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.
Products | Ubuntu_linux, Debian_linux, Linux_kernel |
Type | NULL Pointer Dereference (CWE-476) |
First patch |
https://github.com/torvalds/linux/commit/7c80f9e4a588f1925b07134bb2e3689335f6c6d8 |
Relevant file/s | ./drivers/usb/misc/usbtest.c (modified, +3, -2) |
Links |
• https://usn.ubuntu.com/3619-2/
• https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html • https://usn.ubuntu.com/3617-2/ • https://usn.ubuntu.com/3619-1/ • https://usn.ubuntu.com/3754-1/ |
Navigation
Patch data:
Patched area:
(on by default)
Patched area: