Denial of service in Linux Kernel

Published: 2017-11-09 15:57:19
Severity Low
Patch available YES
Number of vulnerabilities 14
CVSSv2 3.6 (AV:L/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C), same for all 14 vulnerabilities
CVSSv3 5.6 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C], same for all 14 vulnerabilities
CVE ID CVE-2017-16525
CVE-2017-16526
CVE-2017-16527
CVE-2017-16528
CVE-2017-16529
CVE-2017-16530
CVE-2017-16531
CVE-2017-16532
CVE-2017-16533
CVE-2017-16534
CVE-2017-16535
CVE-2017-16536
CVE-2017-16537
CVE-2017-16538
CWE ID CWE-416
CWE-284
CWE-125
CWE-476
Exploitation vector Local
Public exploit Not available
Vulnerable software Linux kernel
Vulnerable software versions Linux kernel 4.13.7
Linux kernel 4.13.6
Linux kernel 4.13.5
Vendor URL Linux Foundation
Advisory type Public

Security Advisory

1) Use-after-free error

Description

The vulnerability allows a local attacker to cause a DoS condition on the target system.

The weakness exists due to a use-after-free error in the usb_serial_console_disconnect function in drivers/usb/serial/console.c. A local attacker can use a specially crafted USB device and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

Remediation

Update to version 4.13.8 or later.

External links

https://github.com/torvalds/linux/commit/bd998c2e0df0469707503023d50d46cf0b10c787

2) Denial of service

Description

The vulnerability allows a local attacker to cause a DoS condition on the target system.

The weakness exists due to a flaw in drivers/uwb/uwbd.c. A local attacker can use a specially crafted USB device and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

Remediation

Update to version 4.13.5 or later.

External links

https://github.com/torvalds/linux/commit/bbf26183b7a6236ba602f4d6a2f7cade35bba043

3) Use-after-free error

Description

The vulnerability allows a local attacker to cause a DoS condition on the target system.

The weakness exists due to a use-after-free error in sound/usb/mixer.c. A local attacker can use a specially crafted USB device and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

Remediation

Update to version 4.13.8 or later.

External links

https://github.com/torvalds/linux/commit/124751d5e63c823092060074bd0abaae61aaa9c4

4) Use-after-free error

Description

The vulnerability allows a local attacker to cause a DoS condition on the target system.

The weakness exists due to a use-after-free error in sound/core/seq_device.c. A local attacker can use a specially crafted USB device and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

Remediation

Update to version 4.13.5 or later.

External links

https://github.com/torvalds/linux/commit/fc27fe7e8deef2f37cba3f2be2d52b6ca5eb9d57

5) Out-of-bounds read

Description

The vulnerability allows a local attacker to cause a DoS condition on the target system.

The weakness exists due to an out-of-bounds read in the snd_usb_create_streams function in sound/usb/card.c. A local attacker can use a specially crafted USB device and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

Remediation

Update to version 4.13.7 or later.

External links

https://github.com/torvalds/linux/commit/bfc81a8bc18e3c4ba0cbaa7666ff76be2f998991

6) Out-of-bounds read

Description

The vulnerability allows a local attacker to cause a DoS condition on the target system.

The weakness exists due to an out-of-bounds read in drivers/usb/storage/uas-detect.h and drivers/usb/storage/uas.c. A local attacker can use a specially crafted USB device and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

Remediation

Update to version 4.13.7 or later.

External links

https://github.com/torvalds/linux/commit/786de92b3cb26012d3d0f00ee37adf14527f35c4

7) Out-of-bounds read

Description

The vulnerability allows a local attacker to cause a DoS condition on the target system.

The weakness exists due to an out-of-bounds read in drivers/usb/core/config.c. A local attacker can use a specially crafted USB device and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

Remediation

Update to version 4.13.7 or later.

External links

https://github.com/torvalds/linux/commit/bd7a3fe770ebd8391d1c7d072ff88e9e76d063eb

8) Null pointer dereference

Description

The vulnerability allows a local attacker to cause a DoS condition on the target system.

The weakness exists due to a NULL pointer dereference in the get_endpoints function in drivers/usb/misc/usbtest.c. A local attacker can use a specially crafted USB device and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

Remediation

Update to version 4.13.12 or later.

External links

https://github.com/torvalds/linux/commit/7c80f9e4a588f1925b07134bb2e3689335f6c6d8

9) Out-of-bounds read

Description

The vulnerability allows a local attacker to cause a DoS condition on the target system.

The weakness exists due to an out-of-bounds read in the usbhid_parse function in drivers/hid/usbhid/hid-core.c. A local attacker can use a specially crafted USB device and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

Remediation

Update to version 4.13.12 or later.

External links

https://github.com/torvalds/linux/commit/7c80f9e4a588f1925b07134bb2e3689335f6c6d8

10) Out-of-bounds read

Description

The vulnerability allows a local attacker to cause a DoS condition on the target system.

The weakness exists due to an out-of-bounds read in the cdc_parse_cdc_header function in drivers/usb/core/message.c. A local attacker can use a specially crafted USB device and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

Remediation

Update to version 4.13.7 or later.

External links

https://github.com/torvalds/linux/commit/2e1c42391ff2556387b3cb6308b24f6f65619feb

11) Out-of-bounds read

Description

The vulnerability allows a local attacker to cause a DoS condition on the target system.

The weakness exists due to an out-of-bounds read in the usb_get_bos_descriptor function in drivers/usb/core/config.c. A local attacker can use a specially crafted USB device and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

Remediation

Update to version 4.13.11 or later.

External links

https://github.com/torvalds/linux/commit/1c0edc3633b56000e18d82fc241e3995ca18a69e

12) Null pointer dereference

Description

The vulnerability allows a local attacker to cause a DoS condition on the target system.

The weakness exists due to a NULL pointer dereference in the cx231xx_usb_probe function in drivers/media/usb/cx231xx/cx231xx-cards.c. A local attacker can use a specially crafted USB device and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

Remediation

Update to version 4.13.12 or later.

External links

https://patchwork.kernel.org/patch/9963527/

13) Null pointer dereference

Description

The vulnerability allows a local attacker to cause a DoS condition on the target system.

The weakness exists due to a NULL pointer dereference in the imon_probe function in drivers/media/rc/imon.c. A local attacker can use a specially crafted USB device and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

Remediation

Update to version 4.13.12 or later.

External links

https://patchwork.kernel.org/patch/9963527/

14) Denial of service

Description

The vulnerability allows a local attacker to cause a DoS condition on the target system.

The weakness exists due to an error in drivers/media/usb/dvb-usb-v2/lmedm04.c. A local attacker can use a specially crafted USB device and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

Remediation

Update to version 4.13.12 or later.

External links

https://github.com/torvalds/linux/commit/bbf26183b7a6236ba602f4d6a2f7cade35bba043
