Vulnerability identifier: #VU61181
Vulnerability risk: Low
Exploitation vector: Local
Exploit availability: Yes
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to a use-after-free error in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. A local user can trigger a use-after-free error and gain access to sensitive information.
Install updates from vendor's website.
Vulnerable software versions
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?