CVE-2015-4002
Description
drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 does not ensure that certain length values are sufficiently large, which allows remote attackers to cause a denial of service (system crash or large loop) or possibly execute arbitrary code via a crafted packet, related to the (1) oz_usb_rx and (2) oz_usb_handle_ep_data functions.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
EPSS Score
Exploitation Probability
3.715
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Linux hardware enablement kernel from Trusty (USN-2662-1) linux-image-3.13.0-57-generic_3.13.0-57.95~precise1_i386.deb | Linux |
| Linux hardware enablement kernel from Trusty (USN-2662-1) linux-image-3.13.0-57-generic_3.13.0-57.95~precise1_amd64.deb | Linux |
| Linux kernel (USN-2663-1) linux-image-3.13.0-57-generic_3.13.0-57.95_i386.deb | Linux |
| Linux kernel (USN-2663-1) linux-image-3.13.0-57-generic_3.13.0-57.95_amd64.deb | Linux |
| Linux kernel (USN-2663-1) linux-image-3.13.0-57-lowlatency_3.13.0-57.95_i386.deb | Linux |
| Linux kernel (USN-2663-1) linux-image-3.13.0-57-lowlatency_3.13.0-57.95_amd64.deb | Linux |
| Linux hardware enablement kernel from Utopic (USN-2664-1) linux-image-3.16.0-43-generic_3.16.0-43.58~14.04.1_i386.deb | Linux |
| Linux hardware enablement kernel from Utopic (USN-2664-1) linux-image-3.16.0-43-generic_3.16.0-43.58~14.04.1_amd64.deb | Linux |
| Linux hardware enablement kernel from Utopic (USN-2664-1) linux-image-3.16.0-43-lowlatency_3.16.0-43.58~14.04.1_i386.deb | Linux |
| Linux hardware enablement kernel from Utopic (USN-2664-1) linux-image-3.16.0-43-lowlatency_3.16.0-43.58~14.04.1_amd64.deb | Linux |
| Linux hardware enablement kernel from Vivid (USN-2665-1) linux-image-3.19.0-22-generic_3.19.0-22.22~14.04.1_i386.deb | Linux |
| Linux hardware enablement kernel from Vivid (USN-2665-1) linux-image-3.19.0-22-generic_3.19.0-22.22~14.04.1_amd64.deb | Linux |
| Linux hardware enablement kernel from Vivid (USN-2665-1) linux-image-3.19.0-22-lowlatency_3.19.0-22.22~14.04.1_i386.deb | Linux |
| Linux hardware enablement kernel from Vivid (USN-2665-1) linux-image-3.19.0-22-lowlatency_3.19.0-22.22~14.04.1_amd64.deb | Linux |
| Linux kernel (USN-2667-1) linux-image-3.19.0-22-generic_3.19.0-22.22_i386.deb | Linux |
| Linux kernel (USN-2667-1) linux-image-3.19.0-22-generic_3.19.0-22.22_amd64.deb | Linux |
| Linux kernel (USN-2667-1) linux-image-3.19.0-22-lowlatency_3.19.0-22.22_i386.deb | Linux |
| Linux kernel (USN-2667-1) linux-image-3.19.0-22-lowlatency_3.19.0-22.22_amd64.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234