{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-12-12T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel through 4.14.5 does not consider the maximum number of configurations and interfaces before attempting to release resources, which allows local users to cause a denial of service (out-of-bounds write access) or possibly have unspecified other impact via a crafted USB device."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-10-16T17:40:47.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "USN-3619-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3619-2/"}, {"name": "DSA-4082", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2018/dsa-4082"}, {"name": "[debian-lts-announce] 20180107 [SECURITY] [DLA 1232-1] linux security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00004.html"}, {"name": "SUSE-SU-2018:0011", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html"}, {"name": "USN-3754-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3754-1/"}, {"name": "RHSA-2018:1062", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:1062"}, {"tags": ["x_refsource_MISC"], "url": "http://openwall.com/lists/oss-security/2017/12/12/7"}, {"name": "RHSA-2018:0676", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:0676"}, {"name": "DSA-4073", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2017/dsa-4073"}, {"tags": ["x_refsource_MISC"], "url": "https://www.spinics.net/lists/linux-usb/msg163644.html"}, {"name": "USN-3619-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3619-1/"}, {"name": "RHSA-2019:1170", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:1170"}, {"name": "RHSA-2019:1190", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:1190"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-17558", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel through 4.14.5 does not consider the maximum number of configurations and interfaces before attempting to release resources, which allows local users to cause a denial of service (out-of-bounds write access) or possibly have unspecified other impact via a crafted USB device."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "USN-3619-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3619-2/"}, {"name": "DSA-4082", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4082"}, {"name": "[debian-lts-announce] 20180107 [SECURITY] [DLA 1232-1] linux security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00004.html"}, {"name": "SUSE-SU-2018:0011", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html"}, {"name": "USN-3754-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3754-1/"}, {"name": "RHSA-2018:1062", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1062"}, {"name": "http://openwall.com/lists/oss-security/2017/12/12/7", "refsource": "MISC", "url": "http://openwall.com/lists/oss-security/2017/12/12/7"}, {"name": "RHSA-2018:0676", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0676"}, {"name": "DSA-4073", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2017/dsa-4073"}, {"name": "https://www.spinics.net/lists/linux-usb/msg163644.html", "refsource": "MISC", "url": "https://www.spinics.net/lists/linux-usb/msg163644.html"}, {"name": "USN-3619-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3619-1/"}, {"name": "RHSA-2019:1170", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1170"}, {"name": "RHSA-2019:1190", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1190"}, {"name": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", "refsource": "MISC", "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T20:51:32.189Z"}, "title": "CVE Program Container", "references": [{"name": "USN-3619-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3619-2/"}, {"name": "DSA-4082", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2018/dsa-4082"}, {"name": "[debian-lts-announce] 20180107 [SECURITY] [DLA 1232-1] linux security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00004.html"}, {"name": "SUSE-SU-2018:0011", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html"}, {"name": "USN-3754-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3754-1/"}, {"name": "RHSA-2018:1062", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:1062"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2017/12/12/7"}, {"name": "RHSA-2018:0676", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:0676"}, {"name": "DSA-4073", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2017/dsa-4073"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.spinics.net/lists/linux-usb/msg163644.html"}, {"name": "USN-3619-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3619-1/"}, {"name": "RHSA-2019:1170", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:1170"}, {"name": "RHSA-2019:1190", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:1190"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-17558", "datePublished": "2017-12-12T15:00:00.000Z", "dateReserved": "2017-12-12T00:00:00.000Z", "dateUpdated": "2024-08-05T20:51:32.189Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "3775142E-8FB2-450A-98BC-B61DD3C99007", "versionEndIncluding": "4.14.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:extra:*:*:*:*:*:*", "matchCriteriaId": "AD1AEFA5-9D43-4DD2-9088-7B37D5F220C4", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*", "matchCriteriaId": "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel through 4.14.5 does not consider the maximum number of configurations and interfaces before attempting to release resources, which allows local users to cause a denial of service (out-of-bounds write access) or possibly have unspecified other impact via a crafted USB device."}, {"lang": "es", "value": "La funci\u00f3n usb_destroy_configuration en drivers/usb/core/config.c en el subsistema del n\u00facleo USB en el kernel de Linux hasta la versi\u00f3n 4.14.5 no considera el m\u00e1ximo n\u00famero de configuraciones e interfaces antes de intentar liberar recursos. Esto permite que usuarios locales provoquen una denegaci\u00f3n de servicio (acceso de escritura fuera de l\u00edmites) o, posiblemente, tengan otro tipo de impacto sin especificar mediante un dispositivo USB manipulado."}], "id": "CVE-2017-17558", "lastModified": "2025-04-20T01:37:25.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 0.7, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-12-12T15:29:00.210", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://openwall.com/lists/oss-security/2017/12/12/7"}, {"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2018:0676"}, {"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2018:1062"}, {"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2019:1170"}, {"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2019:1190"}, {"source": "cve@mitre.org", "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00004.html"}, {"source": "cve@mitre.org", "url": "https://usn.ubuntu.com/3619-1/"}, {"source": "cve@mitre.org", "url": "https://usn.ubuntu.com/3619-2/"}, {"source": "cve@mitre.org", "url": "https://usn.ubuntu.com/3754-1/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2017/dsa-4073"}, {"source": "cve@mitre.org", "url": "https://www.debian.org/security/2018/dsa-4082"}, {"source": "cve@mitre.org", "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch"], "url": "https://www.spinics.net/lists/linux-usb/msg163644.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://openwall.com/lists/oss-security/2017/12/12/7"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2018:0676"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2018:1062"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2019:1170"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2019:1190"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00004.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/3619-1/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/3619-2/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/3754-1/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2017/dsa-4073"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.debian.org/security/2018/dsa-4082"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch"], "url": "https://www.spinics.net/lists/linux-usb/msg163644.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2018:0676", "cpe": "cpe:/a:redhat:rhel_extras_rt:7", "package": "kernel-rt-0:3.10.0-862.rt56.804.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2018-04-10T00:00:00Z"}, {"advisory": "RHSA-2018:1062", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "kernel-0:3.10.0-862.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2018-04-10T00:00:00Z"}, {"advisory": "RHSA-2019:1170", "cpe": "cpe:/o:redhat:rhel_eus:7.4", "package": "kernel-0:3.10.0-693.47.2.el7", "product_name": "Red Hat Enterprise Linux 7.4 Extended Update Support", "release_date": "2019-05-14T00:00:00Z"}, {"advisory": "RHSA-2019:1190", "cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6", "package": "kernel-rt-1:3.10.0-693.47.2.rt56.641.el6rt", "product_name": "Red Hat Enterprise MRG 2", "release_date": "2019-05-14T00:00:00Z"}], "bugzilla": {"description": "kernel: Unallocated memory access by malicious USB device via bNumInterfaces overflow", "id": "1525474", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1525474"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.4", "cvss3_scoring_vector": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-119", "details": ["The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel through 4.14.5 does not consider the maximum number of configurations and interfaces before attempting to release resources, which allows local users to cause a denial of service (out-of-bounds write access) or possibly have unspecified other impact via a crafted USB device.", "The usb_destroy_configuration() function, in 'drivers/usb/core/config.c' in the USB core subsystem, in the Linux kernel through 4.14.5 does not consider the maximum number of configurations and interfaces before attempting to release resources. This allows local users to cause a denial of service, due to out-of-bounds write access, or possibly have unspecified other impact via a crafted USB device. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely."], "name": "CVE-2017-17558", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Affected", "package_name": "kernel-alt", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2017-12-11T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2017-17558\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-17558"], "statement": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5. This is not currently planned to be addressed in future updates of the product due to its life cycle. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\nThis issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 6, 7, its real-time kernel, Red Hat Enterprise MRG 2, Red Hat Enterprise Linux 7 for ARM 64 and Red Hat Enterprise Linux 7 for Power 9 LE. Future Linux kernel updates for the respective releases may address this issue.", "threat_severity": "Moderate"}

{}