CVE-2015-4003

2015-06-0723:59:00

CWE-189

[email protected]

web.nvd.nist.gov

nvd

cve-2015-4003

oz_usb_handle_ep_data

drivers/staging/ozwpan/ozusbsvc1.c

linux kernel

denial of service

divide-by-zero error

system crash

6 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.015 Low

EPSS

Percentile

86.7%

JSON

The oz_usb_handle_ep_data function in drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 allows remote attackers to cause a denial of service (divide-by-zero error and system crash) via a crafted packet.

CPENameOperatorVersion
linux:linux_kernellinux linux kernellt3.16.35
linux:linux_kernellinux linux kernellt3.10.81
linux:linux_kernellinux linux kernellt3.12.45
linux:linux_kernellinux linux kernellt3.14.45
linux:linux_kernellinux linux kernellt3.18.18
linux:linux_kernellinux linux kernellt4.0.6
linux:linux_kernellinux linux kernellt3.4.109

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	lt	3.16.35
linux:linux_kernel	linux linux kernel	lt	3.10.81
linux:linux_kernel	linux linux kernel	lt	3.12.45
linux:linux_kernel	linux linux kernel	lt	3.14.45
linux:linux_kernel	linux linux kernel	lt	3.18.18
linux:linux_kernel	linux linux kernel	lt	4.0.6
linux:linux_kernel	linux linux kernel	lt	3.4.109