Uninitialized Structure Vulnerability in Linux 2.4 USB Drivers

Uninitialized Structure Vulnerability in Linux 2.4 USB Drivers

CVE-2004-0685 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structures, which could allow local users to obtain sensitive information by reading memory that was not cleared from previous usage.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.