Описание
The tower_probe function in drivers/usb/misc/legousbtower.c in the Linux kernel before 4.8.1 allows local users (who are physically proximate for inserting a crafted USB device) to gain privileges by leveraging a write-what-where condition that occurs after a race condition and a NULL pointer dereference.
Ссылки
- Issue TrackingPatchVendor Advisory
- Issue TrackingMailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- Issue TrackingPatchThird Party Advisory
- Issue TrackingPatchThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Issue TrackingPatchVendor Advisory
- Issue TrackingMailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- Issue TrackingPatchThird Party Advisory
- Issue TrackingPatchThird Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Одно из
Одно из
EPSS
6.3 Medium
CVSS3
6.9 Medium
CVSS2
Дефекты
Связанные уязвимости
The tower_probe function in drivers/usb/misc/legousbtower.c in the Linux kernel before 4.8.1 allows local users (who are physically proximate for inserting a crafted USB device) to gain privileges by leveraging a write-what-where condition that occurs after a race condition and a NULL pointer dereference.
The tower_probe function in drivers/usb/misc/legousbtower.c in the Linux kernel before 4.8.1 allows local users (who are physically proximate for inserting a crafted USB device) to gain privileges by leveraging a write-what-where condition that occurs after a race condition and a NULL pointer dereference.
The tower_probe function in drivers/usb/misc/legousbtower.c in the Lin ...
The tower_probe function in drivers/usb/misc/legousbtower.c in the Linux kernel before 4.8.1 allows local users (who are physically proximate for inserting a crafted USB device) to gain privileges by leveraging a write-what-where condition that occurs after a race condition and a NULL pointer dereference.
ELSA-2019-4854: Unbreakable Enterprise kernel security update (IMPORTANT)
EPSS
6.3 Medium
CVSS3
6.9 Medium
CVSS2