Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 7 Nov 2017 15:14:56 -0500 (EST)
From: Vladis Dronov <>
Subject: CVE-2017-15102: Linux kernel: usb: NULL-deref due to a race
 condition in [legousbtower] driver


A race condition exists in Linux kernel since year 2003 through version 4.9-rc1
in [legousbtower] driver which allows a null pointer dereference caused by
not removing a device file interface on an error when the probe function is called.
This can cause a write-what-where condition by remapping dev->interrupt_out_buffer
in tower_write(), leading to privilege escalation.


An upstream patch:

Best regards,
Vladis Dronov | Red Hat, Inc. | Product Security Engineer

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.