CVE-2017-16649 - log back

CVE-2017-16649 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Local
Type
+ Denial of service
Description
+ The usbnet_generic_cdc_bind function in drivers/net/usb/cdc_ether.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (divide-by-zero error and system crash) or possibly have unspecified other impact via a crafted USB device.
References
+ https://groups.google.com/forum/#!topic/syzkaller/0e0gmaX9R0g
+ https://git.kernel.org/linus/2cb80187ba065d7decad7c6614e35e07aec8a974
Notes