CVE-2015-7566

4.6MEDIUM

Key Information:

Vendor
Novell
Status
Suse Linux Enterprise Server
Suse Linux Enterprise Debuginfo
Suse Linux Enterprise Software Development Kit
Suse Linux Enterprise Real Time Extension
Vendor
CVE Published:
8 February 2016

Summary

The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a bulk-out endpoint.

References

http://www.ubuntu.com/usn/USN-2930-1
vendor-advisoryx_refsource_UBUNTU
https://security-tracker.debian.org/tracker/CVE-2015-7566
x_refsource_CONFIRM
http://www.securityfocus.com/bid/82975
vdb-entryx_refsource_BID

CVSS V3.1

Score:
4.6
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Physical
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.