CVE-2017-16538

Name of the Vulnerable Software and Affected Versions Linux kernel versions through 4.13.11

Description The issue is related to a missing warm-start check and incorrect attach timing in the Linux kernel, specifically in the drivers/media/usb/dvb-usb-v2/lmedm04.c file. This can be exploited by a local user via a crafted USB device, potentially causing a denial of service, such as a general protection fault and system crash, or possibly having other unspecified impacts. The vulnerability is associated with the functions dm04 lme2510 frontend attach and dm04 lme2510 tuner.

Recommendations For Linux kernel versions through 4.13.11, consider disabling the use of USB devices that could exploit this issue until a patch is available. As a temporary workaround, restrict access to the affected driver file lmedm04.c to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.