Описание
The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow.
Ссылки
- Issue TrackingPatchThird Party Advisory
- Third Party Advisory
- Release NotesVendor Advisory
- Third Party AdvisoryVDB Entry
- Issue TrackingPatchThird Party Advisory
- Issue TrackingPatchThird Party Advisory
- Third Party Advisory
- Release NotesVendor Advisory
- Third Party AdvisoryVDB Entry
- Issue TrackingPatchThird Party Advisory
Уязвимые конфигурации
Одно из
EPSS
4.6 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
Связанные уязвимости
The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow.
The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow.
The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in th ...
The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow.
ELSA-2020-5881: Unbreakable Enterprise kernel security update (IMPORTANT)
EPSS
4.6 Medium
CVSS3
2.1 Low
CVSS2