CVE-2017-17558

{"id": "CVE-2017-17558", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.6, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.7}]}, "published": "2017-12-12T15:29:00.210", "references": [{"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://openwall.com/lists/oss-security/2017/12/12/7", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://access.redhat.com/errata/RHSA-2018:0676", "source": "cve@mitre.org"}, {"url": "https://access.redhat.com/errata/RHSA-2018:1062", "source": "cve@mitre.org"}, {"url": "https://access.redhat.com/errata/RHSA-2019:1170", "source": "cve@mitre.org"}, {"url": "https://access.redhat.com/errata/RHSA-2019:1190", "source": "cve@mitre.org"}, {"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00004.html", "source": "cve@mitre.org"}, {"url": "https://usn.ubuntu.com/3619-1/", "source": "cve@mitre.org"}, {"url": "https://usn.ubuntu.com/3619-2/", "source": "cve@mitre.org"}, {"url": "https://usn.ubuntu.com/3754-1/", "source": "cve@mitre.org"}, {"url": "https://www.debian.org/security/2017/dsa-4073", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.debian.org/security/2018/dsa-4082", "source": "cve@mitre.org"}, {"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", "source": "cve@mitre.org"}, {"url": "https://www.spinics.net/lists/linux-usb/msg163644.html", "tags": ["Issue Tracking", "Patch"], "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel through 4.14.5 does not consider the maximum number of configurations and interfaces before attempting to release resources, which allows local users to cause a denial of service (out-of-bounds write access) or possibly have unspecified other impact via a crafted USB device."}, {"lang": "es", "value": "La funci\u00f3n usb_destroy_configuration en drivers/usb/core/config.c en el subsistema del n\u00facleo USB en el kernel de Linux hasta la versi\u00f3n 4.14.5 no considera el m\u00e1ximo n\u00famero de configuraciones e interfaces antes de intentar liberar recursos. Esto permite que usuarios locales provoquen una denegaci\u00f3n de servicio (acceso de escritura fuera de l\u00edmites) o, posiblemente, tengan otro tipo de impacto sin especificar mediante un dispositivo USB manipulado."}], "lastModified": "2019-05-14T23:29:04.107", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3775142E-8FB2-450A-98BC-B61DD3C99007", "versionEndIncluding": "4.14.5"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:extra:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD1AEFA5-9D43-4DD2-9088-7B37D5F220C4"}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}