Severity
6.6 MEDIUM (NVD)
EPSS
0.1%
top 77.87%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published Dec 12
Latest update May 14

Description

The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel through 4.14.5 does not consider the maximum number of configurations and interfaces before attempting to release resources, which allows local users to cause a denial of service (out-of-bounds write access) or possibly have unspecified other impact via a crafted USB device.

CVSS vector

CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 0.7 | Impact: 5.9

Affected Packages: 3 packages

Patches

🔴 Vulnerability Details

3
GHSA
GHSA-pjjf-q5j5-prhg: The usb_destroy_configuration function in drivers/usb/core/config (2022-05-14)
CVEList
CVE-2017-17558: The usb_destroy_configuration function in drivers/usb/core/config (2017-12-12)
OSV
CVE-2017-17558: The usb_destroy_configuration function in drivers/usb/core/config (2017-12-12)

📋 Vendor Advisories

6
Ubuntu
Linux kernel vulnerabilities (2018-08-24)
Android
CVE-2017-17558: USB (2018-06-01)
Ubuntu
Linux kernel (Xenial HWE) vulnerabilities (2018-04-05)
Ubuntu
Linux kernel vulnerabilities (2018-04-04)
Red Hat
kernel: Unallocated memory access by malicious USB device via bNumInterfaces overflow (2017-12-11)

💬 Community

2
Bugzilla
CVE-2017-17558 kernel: Unallocated memory access by malicious USB device via bNumInterfaces overflow [fedora-all] (2017-12-13)
Bugzilla
CVE-2017-17558 kernel: Unallocated memory access by malicious USB device via bNumInterfaces overflow (2017-12-13)
CVE-2017-17558 — Out-of-bounds Write in Linux Kernel | cvebase