← back
CVE-2017-16532

CVE-2017-16532

EPSS 0.4%
The get_endpoints function in drivers/usb/misc/usbtest.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/torvalds/linux/commit/7c80f9e4a588f1925b07134bb2e3689335f6c6d8https://groups.google.com/d/msg/syzkaller/l3870gs3LhA/y79DYQdFBAAJhttps://lists.debian.org/debian-lts-announce/2017/12/msg00004.htmlhttps://usn.ubuntu.com/3617-1/https://usn.ubuntu.com/3617-2/https://usn.ubuntu.com/3617-3/https://usn.ubuntu.com/3619-1/https://usn.ubuntu.com/3619-2/https://usn.ubuntu.com/3754-1/