Note:
This project will be discontinued after December 13, 2021. [more]
2017-11-07
The qmi_wwan_bind function in drivers/net/usb/qmi_wwan.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (divide-by-zero error and system crash) or possibly have unspecified other impact via a crafted USB device.
| Products | Linux_kernel |
| Type | Divide By Zero (CWE-369) |
| First patch | - None (likely due to unavailable code) |
| Links |
• https://groups.google.com/d/msg/syzkaller/0e0gmaX9R0g/9Me9JcY2BQAJ
• https://usn.ubuntu.com/3754-1/ • https://usn.ubuntu.com/3617-3/ • https://usn.ubuntu.com/3619-2/ • https://patchwork.ozlabs.org/patch/834770/ |