Lucene search

K
cve[email protected]CVE-2015-7515
HistoryApr 27, 2016 - 5:59 p.m.

CVE-2015-7515

2016-04-2717:59:01
CWE-476
web.nvd.nist.gov
80
linux kernel
aiptek_probe function
denial of service
cve-2015-7515
usb device

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS3

4.6

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

4.4

Confidence

High

EPSS

0.005

Percentile

77.4%

The aiptek_probe function in drivers/input/tablet/aiptek.c in the Linux kernel before 4.4 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted USB device that lacks endpoints.

Affected configurations

NVD
Node
linuxlinux_kernelRange<4.4
OR
linuxlinux_kernelMatch4.4rc1
OR
linuxlinux_kernelMatch4.4rc2
OR
linuxlinux_kernelMatch4.4rc3
OR
linuxlinux_kernelMatch4.4rc4
OR
linuxlinux_kernelMatch4.4rc5
OR
linuxlinux_kernelMatch4.4rc6
OR
linuxlinux_kernelMatch4.4rc7
OR
linuxlinux_kernelMatch4.4rc8
VendorProductVersionCPE
linuxlinux_kernel4.4cpe:/o:linux:linux_kernel:4.4:rc6::
linuxlinux_kernel4.4cpe:/o:linux:linux_kernel:4.4:rc5::
linuxlinux_kernel4.4cpe:/o:linux:linux_kernel:4.4:rc3::
linuxlinux_kernel4.4cpe:/o:linux:linux_kernel:4.4:rc8::
linuxlinux_kernel4.4cpe:/o:linux:linux_kernel:4.4:rc2::
linuxlinux_kernel4.4cpe:/o:linux:linux_kernel:4.4:rc1::
linuxlinux_kernel4.4cpe:/o:linux:linux_kernel:4.4:rc4::
linuxlinux_kernel4.4cpe:/o:linux:linux_kernel:4.4:rc7::

References

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS3

4.6

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

4.4

Confidence

High

EPSS

0.005

Percentile

77.4%