vulnerability

SUSE: CVE-2017-16913: SUSE Linux Security Advisory

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:M/Au:N/C:N/I:N/A:C)	Jan 31, 2018	Mar 23, 2018	Feb 4, 2022

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:N/A:C)

Published

Jan 31, 2018

Added

Mar 23, 2018

Modified

Feb 4, 2022

Description

The "stub_recv_cmd_submit()" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 when handling CMD_SUBMIT packets allows attackers to cause a denial of service (arbitrary memory allocation) via a specially crafted USB over IP packet.

Solution(s)

suse-upgrade-kernel-azure-basesuse-upgrade-kernel-defaultsuse-upgrade-kernel-default-extrasuse-upgrade-kernel-default-mansuse-upgrade-kernel-devel-azuresuse-upgrade-kernel-docssuse-upgrade-kernel-obs-buildsuse-upgrade-kernel-source-azure

References

SUSE-SUSE-SU-2018:0785-1
SUSE-SUSE-SU-2018:0786-1
SUSE-SUSE-SU-2018:0834-1
SUSE-SUSE-SU-2018:0848-1
SUSE-SUSE-SU-2018:0986-1
SUSE-SUSE-SU-2018:1080-1
SUSE-SUSE-SU-2018:1172-1
SUSE-SUSE-SU-2018:1309-1
BID-102150
UBUNTU-USN-3619-1
UBUNTU-USN-3619-2
UBUNTU-USN-3754-1
DEBIAN-DSA-4187
NVD-CVE-2017-16913

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today