Home

CVE-2018-16276

Description

An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.083

Associated Vulnerability

VulnerabilityOS Platform
Linux kernel for Microsoft Azure Cloud systems (USN-3820-3) linux-image-azure_4.15.0.1036.23_amd64.debLinux
Linux kernel (USN-3847-1) linux-image-generic_4.15.0.43.45_i386.debLinux
Linux kernel (USN-3847-1) linux-image-generic_4.15.0.43.45_amd64.debLinux
Linux kernel (USN-3847-1) linux-image-4.15.0-1026-gcp_4.15.0-1026.27_amd64.debLinux
Linux kernel (USN-3847-1) linux-image-4.15.0-1028-kvm_4.15.0-1028.28_amd64.debLinux
Linux kernel (USN-3847-1) linux-image-4.15.0-1030-oem_4.15.0-1030.35_amd64.debLinux
Linux kernel (USN-3847-1) linux-image-4.15.0-1031-aws_4.15.0-1031.33_amd64.debLinux
Linux kernel (USN-3847-1) linux-image-4.15.0-1036-azure_4.15.0-1036.38_amd64.debLinux
Linux kernel (USN-3847-1) linux-image-4.15.0-43-generic_4.15.0-43.46_i386.debLinux
Linux kernel (USN-3847-1) linux-image-4.15.0-43-generic_4.15.0-43.46_amd64.debLinux
Linux kernel (USN-3847-1) linux-image-4.15.0-43-lowlatency_4.15.0-43.46_i386.debLinux
Linux kernel (USN-3847-1) linux-image-4.15.0-43-lowlatency_4.15.0-43.46_amd64.debLinux
Linux kernel for Amazon Web Services (AWS-HWE) systems (USN-3847-2) linux-image-aws-hwe_4.15.0.1031.32_amd64.debLinux
Linux kernel for Amazon Web Services (AWS-HWE) systems (USN-3847-2) linux-image-4.15.0-1026-gcp_4.15.0-1026.27~16.04.1_amd64.debLinux
Linux kernel for Amazon Web Services (AWS-HWE) systems (USN-3847-2) linux-image-4.15.0-1031-aws_4.15.0-1031.33~16.04.1_amd64.debLinux
Linux kernel for Amazon Web Services (AWS-HWE) systems (USN-3847-2) linux-image-4.15.0-1036-azure_4.15.0-1036.38~16.04.1_amd64.debLinux
Linux kernel for Amazon Web Services (AWS-HWE) systems (USN-3847-2) linux-image-4.15.0-43-generic_4.15.0-43.46~16.04.1_i386.debLinux
Linux kernel for Amazon Web Services (AWS-HWE) systems (USN-3847-2) linux-image-4.15.0-43-generic_4.15.0-43.46~16.04.1_amd64.debLinux
Linux kernel for Amazon Web Services (AWS-HWE) systems (USN-3847-2) linux-image-generic-hwe-16.04_4.15.0.43.64_i386.debLinux
Linux kernel for Amazon Web Services (AWS-HWE) systems (USN-3847-2) linux-image-generic-hwe-16.04_4.15.0.43.64_amd64.debLinux
Linux kernel for Amazon Web Services (AWS-HWE) systems (USN-3847-2) linux-image-4.15.0-43-lowlatency_4.15.0-43.46~16.04.1_i386.debLinux
Linux kernel for Amazon Web Services (AWS-HWE) systems (USN-3847-2) linux-image-4.15.0-43-lowlatency_4.15.0-43.46~16.04.1_amd64.debLinux
Linux kernel for Amazon Web Services (AWS-HWE) systems (USN-3847-2) linux-image-lowlatency-hwe-16.04_4.15.0.43.64_i386.debLinux
Linux kernel for Amazon Web Services (AWS-HWE) systems (USN-3847-2) linux-image-lowlatency-hwe-16.04_4.15.0.43.64_amd64.debLinux
Linux kernel for Microsoft Azure Cloud systems (USN-3847-3) linux-image-azure_4.15.0.1036.23_amd64.debLinux
Linux kernel for Microsoft Azure Cloud systems (USN-3847-3) linux-image-4.15.0-1036-azure_4.15.0-1036.38~14.04.2_amd64.debLinux
Linux kernel (USN-3849-1) linux-image-generic_3.13.0.164.174_i386.debLinux
Linux kernel (USN-3849-1) linux-image-generic_3.13.0.164.174_amd64.debLinux
Linux kernel (USN-3849-1) linux-image-3.13.0-164-generic_3.13.0-164.214_i386.debLinux
Linux kernel (USN-3849-1) linux-image-3.13.0-164-generic_3.13.0-164.214_amd64.debLinux
Linux kernel (USN-3849-1) linux-image-3.13.0-164-lowlatency_3.13.0-164.214_i386.debLinux
Linux kernel (USN-3849-1) linux-image-3.13.0-164-lowlatency_3.13.0-164.214_amd64.debLinux
SUSE-SU-2018:3003-1(SUSE Linux Enterprise Desktop 12-SP3 ) kernel-default-4.4.156-94.57.1.x86_64.rpmLinux
SUSE-SU-2018:3003-1(SUSE Linux Enterprise Server 12-SP3 ) kernel-default-base-4.4.156-94.57.1.x86_64.rpmLinux
SUSE-SU-2018:3003-1(SUSE Linux Enterprise Server 12-SP3 ) kernel-default-base-debuginfo-4.4.156-94.57.1.x86_64.rpmLinux
SUSE-SU-2018:3003-1(SUSE Linux Enterprise Desktop 12-SP3 ) kernel-default-debuginfo-4.4.156-94.57.1.x86_64.rpmLinux
SUSE-SU-2018:3003-1(SUSE Linux Enterprise Desktop 12-SP3 ) kernel-default-debugsource-4.4.156-94.57.1.x86_64.rpmLinux
SUSE-SU-2018:3003-1(SUSE Linux Enterprise Desktop 12-SP3 ) kernel-default-devel-4.4.156-94.57.1.x86_64.rpmLinux
SUSE-SU-2018:3003-1(SUSE Linux Enterprise Desktop 12-SP3 ) kernel-default-extra-4.4.156-94.57.1.x86_64.rpmLinux
SUSE-SU-2018:3003-1(SUSE Linux Enterprise Desktop 12-SP3 ) kernel-default-extra-debuginfo-4.4.156-94.57.1.x86_64.rpmLinux
SUSE-SU-2018:3003-1(SUSE Linux Enterprise Desktop 12-SP3 ) kernel-devel-4.4.156-94.57.1.noarch.rpmLinux
SUSE-SU-2018:3003-1(SUSE Linux Enterprise Desktop 12-SP3 ) kernel-macros-4.4.156-94.57.1.noarch.rpmLinux
SUSE-SU-2018:3003-1(SUSE Linux Enterprise Desktop 12-SP3 ) kernel-source-4.4.156-94.57.1.noarch.rpmLinux
SUSE-SU-2018:3003-1(SUSE Linux Enterprise Desktop 12-SP3 ) kernel-syms-4.4.156-94.57.1.x86_64.rpmLinux
SUSE-SU-2018:3618-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-bigsmp-extra-3.0.101-0.47.106.56.1.x86_64.rpmLinux
SUSE-SU-2018:3618-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-default-extra-3.0.101-0.47.106.56.1.i586.rpmLinux
SUSE-SU-2018:3618-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-default-extra-3.0.101-0.47.106.56.1.x86_64.rpmLinux
SUSE-SU-2018:3618-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-pae-extra-3.0.101-0.47.106.56.1.i586.rpmLinux
SUSE-SU-2018:3618-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-trace-extra-3.0.101-0.47.106.56.1.x86_64.rpmLinux
SUSE-SU-2018:3618-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-xen-extra-3.0.101-0.47.106.56.1.i586.rpmLinux
SUSE-SU-2018:3618-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-xen-extra-3.0.101-0.47.106.56.1.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234