Use-after-free in the usbtv_probe function in drivers/media/usb/usbtv/usbtv-core.c in the Linux kernel through 4.14.10 allows attackers to cause a denial of service (system crash) or possibly have unspecified other impact by triggering failure of audio registration, because a kfree of the usbtv data structure occurs during a usbtv_video_free call, but the usbtv_video_fail label\'s code attempts to both access and free this data structure.
Find out more about CVE-2017-17975 from the MITRE-CVE dictionary and NIST NVD
Login may be required to access defects or downloads.
Product Name | Status | Defect | Fixed | Downloads |
---|