[Forgot Password]
Login  Register Subscribe

23631

 
 

126951

 
 

99602

 
 

909

 
 

80170

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2017-16528

Date: (C)2017-11-07   (M)2017-11-22 


sound/core/seq_device.c in the Linux kernel before 4.13.4 allows local users to cause a denial of service (snd_rawmidi_dev_seq_free use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device.

CVSS Score: 7.2Access Vector: LOCAL
Exploit Score: 3.9Access Complexity: LOW
Impact Score: 10.0Authentication: NONE
 Confidentiality: COMPLETE
 Integrity: COMPLETE
 Availability: COMPLETE





Reference:
https://github.com/torvalds/linux/commit/fc27fe7e8deef2f37cba3f2be2d52b6ca5eb9d57
https://groups.google.com/d/msg/syzkaller/kuZzDHGkQu8/5du20rZEAAAJ

CWE    1
CWE-416

© 2013 SecPod Technologies