CVE-2015-7833

Severity

49%

Complexity

39%

Confidentiality

115%

The usbvision driver in the Linux kernel package 3.10.0-123.20.1.el7 through 3.10.0-229.14.1.el7 in Red Hat Enterprise Linux (RHEL) 7.1 allows physically proximate attackers to cause a denial of service (panic) via a nonzero bInterfaceNumber value in a USB device descriptor.

The usbvision driver in the Linux kernel package 3.10.0-123.20.1.el7 through 3.10.0-229.14.1.el7 in Red Hat Enterprise Linux (RHEL) 7.1 allows physically proximate attackers to cause a denial of service (panic) via a nonzero bInterfaceNumber value in a USB device descriptor.

CVSS 2.0 Base Score 4.9. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:N/I:N/A:C).

Overview

First reported 9 years ago

2015-10-19 10:59:00

Last updated 7 years ago

2017-09-13 01:29:00

Affected Software

Red Hat Enterprise Linux 7.1

7.1

References

SUSE-SU-2016:1937

Third Party Advisory

SUSE-SU-2016:1985

SUSE-SU-2016:2105

openSUSE-SU-2016:2184

DSA-3396

DSA-3426

http://www.os-s.net/advisories/DOS-KernelCrashesOnInvalidUSBDeviceDescriptors-UsbvisionDriver.pdf

Exploit

20151007 Re: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (usbvision driver)

Exploit, Third Party Advisory, VDB Entry

77030

1034452

USN-2929-1

USN-2929-2

USN-2932-1

USN-2947-1

USN-2947-2

USN-2947-3

USN-2948-1

USN-2948-2

USN-2967-1

USN-2967-2

https://bugzilla.redhat.com/show_bug.cgi?id=1201858

Issue Tracking

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.