PT-2015-6820 · Linux+2 · Linux Kernel+2

Moein Ghasemzadeh

Publicado

2015-09-24

Atualizado

2023-02-12

CVE-2015-5257

CVSS v2.0

4.9

Média

Vetor

AV:L/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.2.4

Description The issue allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a crafted USB device. This is due to a flaw in the drivers/usb/serial/whiteheat.c file.

Recommendations For Linux kernel versions prior to 4.2.4, update to version 4.2.4 or later to resolve the issue. As a temporary workaround, consider restricting access to USB devices to minimize the risk of exploitation.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

ALT-PU-2015-1924

ALT-PU-2016-1485

CVE-2015-5257

DLA-325-1

DSA-3372-1

MGASA-2015-0435

MGASA-2015-0439

MGASA-2016-0015

MGASA-2016-0225

MGASA-2016-0232

MGASA-2016-0233

USN-2792-1

USN-2794-1

USN-2795-1

USN-2796-1

USN-2797-1

USN-2798-1

USN-2799-1

Produtos afetados

Alt Linux

Linux Kernel

Ubuntu

PT-2015-6820 · Linux+2 · Linux Kernel+2

CVE-2015-5257

Identificadores relacionados

Produtos afetados

Referências · 98