NULL pointer dereference vulnerability in Linux kernel before 4.5.1 allows denial of service via USB device

NULL pointer dereference vulnerability in Linux kernel before 4.5.1 allows denial of service via USB device

CVE-2016-3138 · MEDIUM Severity

AV:L/AC:L/AU:N/C:N/I:N/A:C

The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both a control and a data endpoint descriptor.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.