Home CVE Database CVE-2017-17975

CVE-2017-17975

Description

Use-after-free in the usbtv_probe function in drivers/media/usb/usbtv/usbtv-core.c in the Linux kernel through 4.14.10 allows attackers to cause a denial of service (system crash) or possibly have unspecified other impact by triggering failure of audio registration, because a kfree of the usbtv data structure occurs during a usbtv_video_free call, but the usbtv_video_fail label\'s code attempts to both access and free this data structure.

Priority: MEDIUM
CVSS v3: 5.5
Publish Date: Dec 29, 2017
Related ID: --
CVSS v2: Medium
Modified Date: Jan 2, 2018

Find out more about CVE-2017-17975 from the MITRE-CVE dictionary and NIST NVD


Products Affected

Login may be required to access defects or downloads.

Related Products

Product Name Status Defect Fixed Downloads
Linux 7 SCP Not Vulnerable -- -- --
Linux 7 CGP Not Vulnerable -- -- --

Comments

linux

Live chat
Online