CVE-2017-16533 - Vulncode-DB

CVE-2017-16533 (NVD)

2017-11-04

The usbhid_parse function in drivers/hid/usbhid/hid-core.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.

Products	Ubuntu_linux, Debian_linux, Linux_kernel
Type	Out-of-bounds Read (CWE-125)
First patch	https://github.com/torvalds/linux/commit/f043bfc98c193c284e2cd768fefabe18ac2fed9b
Relevant file/s	./drivers/hid/usbhid/hid-core.c (modified, +11, -1)
Links	• https://groups.google.com/d/msg/syzkaller/CxkJ9QZgwlM/O3IOvAaGAwAJ • http://www.securityfocus.com/bid/102026 • https://usn.ubuntu.com/3754-1/ • https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html

linux - Tree: f043bfc98c

(? files)

Filter Settings

All Files

Relevant Files

Vulnerable Files

Patched Files

Files

VS-Dark VS-Bright Monokai Darcula

Navigation

Patch data:

(on by default)

Patched area: