CVE-2017-17975

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.14.11

Description The issue is related to a use-after-free error in the usbtv probe function, which can cause a system crash or potentially have other unspecified impacts. This occurs when the audio registration fails, leading to a kfree of the usbtv data structure during a usbtv video free call, but the code attempts to access and free this data structure again.

Recommendations For Linux kernel versions prior to 4.14.11, update to version 4.14.11 or later to resolve the issue. As a temporary workaround, consider disabling the usbtv probe function until a patch is available. Restrict access to the usbtv module to minimize the risk of exploitation. Avoid using the usbtv video free function in conjunction with the usbtv video fail label until the issue is resolved.