Johan Hovold

11 exploits Active since Nov 2015
CVE-2015-5257 WRITEUP WRITEUP
Linux kernel <4.2.4 - DoS
drivers/usb/serial/whiteheat.c in the Linux kernel before 4.2.4 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a crafted USB device. NOTE: this ID was incorrectly used for an Apache Cordova issue that has the correct ID of CVE-2015-8320.
CVE-2017-16525 WRITEUP MEDIUM WRITEUP
Linux kernel <4.13.8 - DoS
The usb_serial_console_disconnect function in drivers/usb/serial/console.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device, related to disconnection and failed setup.
CVSS 6.6
CVE-2017-5547 WRITEUP HIGH WRITEUP
Linux Kernel < 4.4.45 - Memory Corruption
drivers/hid/hid-corsair.c in the Linux kernel 4.9.x before 4.9.6 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.
CVSS 7.8
CVE-2017-5549 WRITEUP MEDIUM WRITEUP
Linux Kernel < 4.9.4 - Log Information Exposure
The klsi_105_get_line_state function in drivers/usb/serial/kl5kusb105.c in the Linux kernel before 4.9.5 places uninitialized heap-memory contents into a log entry upon a failure to read the line status, which allows local users to obtain sensitive information by reading the log.
CVSS 5.5
CVE-2017-8071 WRITEUP MEDIUM WRITEUP
Linux Kernel - Improper Resource Release
drivers/hid/hid-cp2112.c in the Linux kernel 4.9.x before 4.9.9 uses a spinlock without considering that sleeping is possible in a USB HID request callback, which allows local users to cause a denial of service (deadlock) via unspecified vectors.
CVSS 5.5
CVE-2017-8072 WRITEUP HIGH WRITEUP
Linux Kernel 4.9.x before 4.9.9 - EIO Error in cp2112_gpio_direction_input
The cp2112_gpio_direction_input function in drivers/hid/hid-cp2112.c in the Linux kernel 4.9.x before 4.9.9 does not have the expected EIO error status for a zero-length report, which allows local users to have an unspecified impact via unknown vectors.
CVSS 7.8
CVE-2017-8924 WRITEUP MEDIUM WRITEUP
Linux kernel <4.10.4 - Info Disclosure
The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow.
CVSS 4.6
CVE-2017-8925 WRITEUP MEDIUM WRITEUP
Linux kernel <4.10.4 - DoS
The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel before 4.10.4 allows local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling.
CVSS 5.5
CVE-2020-11608 WRITEUP MEDIUM WRITEUP
Linux Kernel < 5.6.1 - NULL Pointer Dereference
An issue was discovered in the Linux kernel before 5.6.1. drivers/media/usb/gspca/ov519.c allows NULL pointer dereferences in ov511_mode_init_regs and ov518_mode_init_regs when there are zero endpoints, aka CID-998912346c0d.
CVSS 4.3
CVE-2020-11609 WRITEUP MEDIUM WRITEUP
Linux Kernel < 5.6.1 - NULL Pointer Dereference
An issue was discovered in the stv06xx subsystem in the Linux kernel before 5.6.1. drivers/media/usb/gspca/stv06xx/stv06xx.c and drivers/media/usb/gspca/stv06xx/stv06xx_pb0100.c mishandle invalid descriptors, as demonstrated by a NULL pointer dereference, aka CID-485b06aadb93.
CVSS 4.3
CVE-2020-11668 WRITEUP HIGH WRITEUP
Linux Kernel < 5.6.1 - NULL Pointer Dereference
In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors, aka CID-a246b4d54770.
CVSS 7.1