cve/2015/CVE-2015-7566.md

CVE-2015-7566

Description

The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a bulk-out endpoint.

POC

Reference

• http://www.ubuntu.com/usn/USN-2930-2
• http://www.ubuntu.com/usn/USN-2932-1
• http://www.ubuntu.com/usn/USN-2948-2
• https://bugzilla.redhat.com/show_bug.cgi?id=1283371
• https://www.exploit-db.com/exploits/39540/

Github

• https://github.com/ARPSyndicate/cvemon