USB device crafted to cause divide-by-zero error and system crash in Linux kernel (CVE-2017-16644)

USB device crafted to cause divide-by-zero error and system crash in Linux kernel (CVE-2017-16644)

CVE-2017-16649 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

The usbnet_generic_cdc_bind function in drivers/net/usb/cdc_ether.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (divide-by-zero error and system crash) or possibly have unspecified other impact via a crafted USB device.

Learn more about our Cis Benchmark Audit For Bind.