CVE-2016-3136

2016-05-02T10:59:00
ID CVE-2016-3136
Type cve
Reporter cve@mitre.org
Modified 2017-09-08T01:29:00

Description

The mct_u232_msr_to_state function in drivers/usb/serial/mct_u232.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted USB device without two interrupt-in endpoint descriptors. <a href="http://cwe.mitre.org/data/definitions/476.html">CWE-476: NULL Pointer Dereference</a>