Lucene search

K
prionPRIOn knowledge basePRION:CVE-2017-17975
HistoryDec 30, 2017 - 1:29 a.m.

Double free

2017-12-3001:29:00
PRIOn knowledge base
www.prio-n.com
10

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.8%

Use-after-free in the usbtv_probe function in drivers/media/usb/usbtv/usbtv-core.c in the Linux kernel through 4.14.10 allows attackers to cause a denial of service (system crash) or possibly have unspecified other impact by triggering failure of audio registration, because a kfree of the usbtv data structure occurs during a usbtv_video_free call, but the usbtv_video_fail label’s code attempts to both access and free this data structure.

CPENameOperatorVersion
linux_kernelle4.14.10

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.8%