The get_endpoints function in drivers/usb/misc/usbtest.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Linux_kernel | Linux | * | 3.2.95 (excluding) |
Linux_kernel | Linux | 3.3 (including) | 3.16.50 (excluding) |
Linux_kernel | Linux | 3.17 (including) | 3.18.82 (excluding) |
Linux_kernel | Linux | 3.19 (including) | 4.1.47 (excluding) |
Linux_kernel | Linux | 4.2 (including) | 4.4.99 (excluding) |
Linux_kernel | Linux | 4.5 (including) | 4.9.63 (excluding) |
Linux_kernel | Linux | 4.10 (including) | 4.13.14 (excluding) |