CVE

CVE-2007-3513

Date: (C)2007-07-03   (M)2023-12-22

The lcd_write function in drivers/usb/misc/usblcd.c in the Linux kernel before 2.6.22-rc7 does not limit the amount of memory used by a caller, which allows local users to cause a denial of service (memory consumption).

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.9
Exploit Score: 3.9
Impact Score: 6.9
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: COMPLETE

Reference:

BID-24734

SECUNIA-25895

SECUNIA-26139

SECUNIA-26450

SECUNIA-26643

SECUNIA-26664

SECUNIA-27212

SECUNIA-27227

SECUNIA-27322

OSVDB-37116

ADV-2007-2403

DSA-1356

MDKSA-2007:195

MDKSA-2007:196

RHSA-2007:0940

SUSE-SA:2007:051

SUSE-SA:2007:053

USN-489-1

USN-509-1

USN-510-1

http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.22-rc7

kernel-lcdwrite-dos(35302)

oval:org.mitre.oval:def:9883