CVE-2015-7566
Advisory lineage Upstream: 0 Downstream: 13
Modified
Published: 08 Feb 2016, 02:00
Last modified:06 Aug 2024, 07:51
Vulnerability Summary
Overall Risk (default)
medium
30/100 CVSS Score
4.9 MEDIUM
v2.0 (nvd)
EPSS Score
0.45% LOW
0% probability 0.00%
KEV
Not listed
Ransomware
No reports
Public exploits
1 found
Dark Web
Not detected
Timeline
08 Feb 2016, 02:00
Published
Vulnerability first disclosed
06 Aug 2024, 07:51
Last Modified
Vulnerability information updated
Description
The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a bulk-out endpoint.
CVSS Metrics
- v3.0•MEDIUM•Score: 4.6CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- v2.0•MEDIUM•Score: 4.9AV:L/AC:L/Au:N/C:N/I:N/A:C
EPSS Trends
Current EPSS score: 0.45%• Percentile: 64%
Affected Systems
- linux•linux_kernel
≤ 4.4.1
- novell•suse_linux_enterprise_debuginfo
11:sp4
- novell•suse_linux_enterprise_real_time_extension
11:sp4 | 12:sp1
- novell•suse_linux_enterprise_server
11:extra | 11:sp4
- novell•suse_linux_enterprise_software_development_kit
11:sp4
References (27)
- http://www.ubuntu.com/usn/USN-2930-1
- https://security-tracker.debian.org/tracker/CVE-2015-7566
- http://www.securityfocus.com/bid/82975
- http://www.ubuntu.com/usn/USN-2967-1
- http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175792.html
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cb3232138e37129e88240a98a1d2aba2187ff57c
- http://www.ubuntu.com/usn/USN-2930-2
- https://bugzilla.redhat.com/show_bug.cgi?id=1283371
- http://www.debian.org/security/2016/dsa-3503
- http://www.ubuntu.com/usn/USN-2967-2
- http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176194.html
- http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html
- http://www.ubuntu.com/usn/USN-2930-3
- https://bugzilla.redhat.com/show_bug.cgi?id=1296466
- http://www.securityfocus.com/archive/1/537733/100/0/threaded
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html
- http://www.ubuntu.com/usn/USN-2929-1
- http://www.ubuntu.com/usn/USN-2932-1
- http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html
- http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html
- http://www.ubuntu.com/usn/USN-2948-1
- http://www.debian.org/security/2016/dsa-3448
- http://www.ubuntu.com/usn/USN-2929-2
- https://www.exploit-db.com/exploits/39540/
- http://www.ubuntu.com/usn/USN-2948-2
- https://github.com/torvalds/linux/commit/cb3232138e37129e88240a98a1d2aba2187ff57c