A malicious interaction with the keyctl usermode interface allows an attacker to crash the kernel. Processing the attached certificate by the kernel leads to a kernel nullpointer dereference. This vulnerably can be triggered by any unprivileged user locally.
f84b2c209822d9c15501892e2c718cb3967a4db2792d9be2b18757f3378ca33c
Mounting a crafted EXT4 image read-only leads to a memory corruption and SLAB out of bounds reads (according to KASAN). Since the mounting procedure is a privileged operation, an attacker is probably not able to trigger this vulnerability on the commandline. Instead the automatic mounting feature of the GUI via a crafted USB device is required.
76833a7057ed11a9603a2cca2127a14da53cfb98824820fa60de3d7cf3b821a6
Mounting a crafted EXT4 image as read-only leads to a kernel panic. Since the mounting procedure is a privileged operation, an attacker is probably not able to trigger this vulnerability on the commandline. Instead the automatic mounting feature of the GUI via a crafted USB-device is required.
011b753ceacca2ffb6904932ea2a749ae06dce8d32cca4a615dce413d005e946
Linux kernel version 3.10.0-229.20.1.el7.x86_64 crashes on presentation of a buggy USB device requiring the ati_remote2 driver.
64b27b582d1d98470bc99a03647730dc3ca9087a360e0d33bea3d39a03c176d3
Linux kernel version 3.10.0-229.20.1.el7.x86_64 crashes on presentation of a buggy USB device requiring the snd-usb-audio driver.
63b99ee44c94290534a1566558fa0fa9dbffab9377972bb47e8df52a4e55a51b
Linux kernel version 3.10.0-229.20.1.el7.x86_64 crashes on presentation of a buggy USB device requiring the snd-usb-audio driver.
d00ca273b23d502c913f393d8f3304224d9e923c78a3ed72afd9d8358c4dd26c
Linux kernel version 3.10.0-229.20.1.el7.x86_64 crashes on presentation of a buggy USB device requiring the iowarrior driver.
cf5a8c3c5444f99bb6ad6a488d29e6cf6dcac765a5f97f7aa248611d304cb401
Linux kernel version 3.10.0-229.20.1.el7.x86_64 crashes on presentation of a buggy USB device requiring the visor (treo_attach) driver.
38836a9f9c94e69ba7af1af7985d04a180d148018d89d5ae14f432812d3322e7
Linux kernel version 3.10.0-229.20.1.el7.x86_64 crashes on presentation of buggy USB device requiring the powermate driver.
badce87f5987744b043fdb6d8d692d6664fa28bf648f0aa094de7b5e3c41c5fa
Linux kernel version 3.10.0-229.20.1.el7.x86_64 crashes on presentation of a buggy USB device requiring the digi_acceleport driver.
ef3cd4da9fad5010d69c5473a0734443552fa03ffe6c6259dcd1a63f6e52a21e
Linux kernel version 3.10.0-229.20.1.el7.x86_64 crashes on presentation of buggy USB device requiring the wacom driver.
12a4cdb3b402f1acfdac5ac5bc325c540cea516465ad86e2a98b91435a6cc69d
Linux kernel version 3.10.0-229.20.1.el7.x86_64 crashes on presentation of a buggy USB device requiring the visor (treo_attach) driver.
56a4919df423d8d1ced2edc350991c087f6a5b63d56610a9eb1ac25f9987628f
Linux kernel version 3.10.0-229.20.1.el7.x86_64 crashes on presentation of a buggy USB device requiring the visor (clie_5_attach) driver.
7c2aef0ea978cdd6912da2041015ef50e879934c3c06d21f43668fd7fed52de6
Linux kernel version 3.10.0-229.20.1.el7.x86_64 crashes on presentation of a buggy USB device requiring the mct_u232_m8 driver.
bb601d9a1f1ed7dfcaf7c00dc14e446a75b594c8de672d642eb7431e9e2d7356
Linux kernel version 3.10.0-229.20.1.el7.x86_64 crashes on presentation of a buggy USB device which requires the requiring the cypress_m8 driver.
ef0ff61783f9faba135ab9d60a739f12664bbf04f6053e34c17b50e4045f5349
Linux kernel version 3.10.0-229.20.1.el7.x86_64 crashes on presentation of a buggy USB device requiring the cdc_acm driver.
74970c51108c9c527182088e5f799451e879349acff15a9808117c1634d2ccf9
Linux kernel version 3.10.0-229.20.1.el7.x86_64 crashes when presented a buggy USB device using the aiptek driver.
a267f2861aa06cc9f33c4b5f5a3fe10f859f72989ebc9e954b86d65640f165ae
The Prolific ser2co64.sys driver is vulnerable to a stack buffer overflow. If a malicious USB device is presented, the buffer overflow occurs. This driver is digitally signed by Microsoft and provided via Windows Update.
84a03321f43cdba56015676deaa534ad2999e1add9df93b109eb3d9f4a9b1dae
RedHat Enterprise Linux version 7.1 suffers from a kernel crash vulnerability on invalid USB device descriptors.
a6c1498865a19e4b8fb98829baeba3cc2c1cf40f95da53b3d912face5dffbc85