Felipe Balbi

3 exploits Active since Nov 2016
CVE-2016-7912 WRITEUP HIGH WRITEUP
Linux Kernel 3.15-3.16.40 - Use-After-Free in ffs_user_copy_worker
Use-after-free vulnerability in the ffs_user_copy_worker function in drivers/usb/gadget/function/f_fs.c in the Linux kernel before 4.5.3 allows local users to gain privileges by accessing an I/O data structure after a certain callback call.
CVSS 7.8
CVE-2017-16532 WRITEUP MEDIUM WRITEUP
Linux Kernel < 3.2.95 - Denial of Service via USB Device in usbtest
The get_endpoints function in drivers/usb/misc/usbtest.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.
CVSS 6.6
CVE-2019-14763 WRITEUP MEDIUM WRITEUP
Linux Kernel < 4.16.4 - Denial of Service via Double-Locking in USB DWC3 Gadget Driver
In the Linux kernel before 4.16.4, a double-locking error in drivers/usb/dwc3/gadget.c may potentially cause a deadlock with f_hid.
CVSS 5.5