Overview
- Description
- The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a bulk-out endpoint.
- Source
- secalert@redhat.com
- NVD status
- Modified
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 4.6
- Impact score
- 3.6
- Exploitability score
- 0.9
- Vector string
- CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 4.9
- Impact score
- 6.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:N/I:N/A:C
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Social media
- Hype score
- Not currently trending
Evaluator
- Comment
- <a href="http://cwe.mitre.org/data/definitions/476.html">CWE-476: NULL Pointer Dereference</a>
- Impact
- -
- Solution
- -
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6477D16E-3D4C-4C4F-9F40-5AF8989CAF99"
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B942E0F5-7FDC-4AE5-985D-25F4EA7406F1"
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_real_time_extension:11:sp4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BFF56CE7-91EF-4FF9-B306-5F00249D9FEA"
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_real_time_extension:12:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5AB3CAA1-C20C-4A86-841E-EC0858164D7D"
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_server:11:extra:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4B24E780-3254-4577-BCFF-7FBB6D97C780"
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "095856BE-4E55-4FEA-BCAC-352C29083545"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EDD97C46-E284-47DB-B96A-3B8D5013F2F7",
"versionEndIncluding": "4.4.1"
}
],
"operator": "OR"
}
]
}
]