Linux » Linux Kernel : Security Vulnerabilities, CVEs, Published In November 2017 (Denial of service)
The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages.
Max CVSS
7.8
EPSS Score
0.04%
Published
2017-11-24
Updated
2023-01-19
The qmi_wwan_bind function in drivers/net/usb/qmi_wwan.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (divide-by-zero error and system crash) or possibly have unspecified other impact via a crafted USB device.
Max CVSS
7.2
EPSS Score
0.04%
Published
2017-11-07
Updated
2018-08-24
The usbnet_generic_cdc_bind function in drivers/net/usb/cdc_ether.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (divide-by-zero error and system crash) or possibly have unspecified other impact via a crafted USB device.
Max CVSS
7.2
EPSS Score
0.04%
Published
2017-11-07
Updated
2018-11-28
The dvb_frontend_free function in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device. NOTE: the function was later renamed __dvb_frontend_free.
Max CVSS
7.2
EPSS Score
0.04%
Published
2017-11-07
Updated
2018-10-31
drivers/net/usb/asix_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.
Max CVSS
7.2
EPSS Score
0.04%
Published
2017-11-07
Updated
2018-04-06
drivers/media/usb/dvb-usb/dib0700_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (BUG and system crash) or possibly have unspecified other impact via a crafted USB device.
Max CVSS
7.2
EPSS Score
0.04%
Published
2017-11-07
Updated
2018-04-07
The ims_pcu_get_cdc_union_desc function in drivers/input/misc/ims-pcu.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (ims_pcu_parse_cdc_data out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.
Max CVSS
7.2
EPSS Score
0.04%
Published
2017-11-07
Updated
2018-08-24
The hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (improper error handling and system crash) or possibly have unspecified other impact via a crafted USB device.
Max CVSS
7.2
EPSS Score
0.04%
Published
2017-11-07
Updated
2018-08-24
The parse_hid_report_descriptor function in drivers/input/tablet/gtco.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.
Max CVSS
7.2
EPSS Score
0.04%
Published
2017-11-07
Updated
2018-08-24
drivers/media/usb/dvb-usb-v2/lmedm04.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device, related to a missing warm-start check and incorrect attach timing (dm04_lme2510_frontend_attach versus dm04_lme2510_tuner).
Max CVSS
7.2
EPSS Score
0.04%
Published
2017-11-04
Updated
2018-08-24
The imon_probe function in drivers/media/rc/imon.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.
Max CVSS
7.2
EPSS Score
0.04%
Published
2017-11-04
Updated
2018-08-24
The cx231xx_usb_probe function in drivers/media/usb/cx231xx/cx231xx-cards.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.
Max CVSS
7.2
EPSS Score
0.04%
Published
2017-11-04
Updated
2018-08-24
The usb_get_bos_descriptor function in drivers/usb/core/config.c in the Linux kernel before 4.13.10 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.
Max CVSS
7.2
EPSS Score
0.04%
Published
2017-11-04
Updated
2018-08-24
The cdc_parse_cdc_header function in drivers/usb/core/message.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.
Max CVSS
7.2
EPSS Score
0.08%
Published
2017-11-04
Updated
2024-02-16
The usbhid_parse function in drivers/hid/usbhid/hid-core.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.
Max CVSS
7.2
EPSS Score
0.04%
Published
2017-11-04
Updated
2024-03-12
The get_endpoints function in drivers/usb/misc/usbtest.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.
Max CVSS
7.2
EPSS Score
0.04%
Published
2017-11-04
Updated
2024-03-14
drivers/usb/core/config.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device, related to the USB_DT_INTERFACE_ASSOCIATION descriptor.
Max CVSS
7.2
EPSS Score
0.04%
Published
2017-11-04
Updated
2018-08-24
The uas driver in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device, related to drivers/usb/storage/uas-detect.h and drivers/usb/storage/uas.c.
Max CVSS
7.2
EPSS Score
0.04%
Published
2017-11-04
Updated
2024-03-14
The snd_usb_create_streams function in sound/usb/card.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.
Max CVSS
7.2
EPSS Score
0.04%
Published
2017-11-04
Updated
2024-03-14
sound/core/seq_device.c in the Linux kernel before 4.13.4 allows local users to cause a denial of service (snd_rawmidi_dev_seq_free use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device.
Max CVSS
7.2
EPSS Score
0.04%
Published
2017-11-04
Updated
2024-03-14
sound/usb/mixer.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (snd_usb_mixer_interrupt use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device.
Max CVSS
7.2
EPSS Score
0.04%
Published
2017-11-04
Updated
2024-03-14
drivers/uwb/uwbd.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device.
Max CVSS
7.8
EPSS Score
0.04%
Published
2017-11-04
Updated
2023-01-19
The usb_serial_console_disconnect function in drivers/usb/serial/console.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device, related to disconnection and failed setup.
Max CVSS
7.2
EPSS Score
0.04%
Published
2017-11-04
Updated
2024-04-01
The kvm_vm_ioctl_check_extension function in arch/powerpc/kvm/powerpc.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) via a KVM_CHECK_EXTENSION KVM_CAP_PPC_HTM ioctl call to /dev/kvm.
Max CVSS
5.5
EPSS Score
0.04%
Published
2017-11-06
Updated
2017-11-28
The rngapi_reset function in crypto/rng.c in the Linux kernel before 4.2 allows attackers to cause a denial of service (NULL pointer dereference).
Max CVSS
5.5
EPSS Score
0.06%
Published
2017-11-30
Updated
2023-02-12