← voltar
CVE-2017-17975

CVE-2017-17975

EPSS 0.4%
Use-after-free in the usbtv_probe function in drivers/media/usb/usbtv/usbtv-core.c in the Linux kernel through 4.14.10 allows attackers to cause a denial of service (system crash) or possibly have unspecified other impact by triggering failure of audio registration, because a kfree of the usbtv data structure occurs during a usbtv_video_free call, but the usbtv_video_fail label's code attempts to both access and free this data structure.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://linuxtesting.org/pipermail/ldv-project/2017-November/001008.htmlhttps://usn.ubuntu.com/3653-1/https://usn.ubuntu.com/3653-2/https://usn.ubuntu.com/3654-1/https://usn.ubuntu.com/3654-2/https://usn.ubuntu.com/3656-1/https://usn.ubuntu.com/3657-1/https://www.debian.org/security/2018/dsa-4188http://www.securityfocus.com/bid/102330