Description
Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel before 2.6.27 allows physically proximate attackers to execute arbitrary code, cause a denial of service via a crafted USB device, or take full control of the system.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by R. Dominguez Veg · textdoslinux
https://www.exploit-db.com/exploits/35957
References (2)
Core 2
Core References
Exploit, Technical Description, Third Party Advisory x_refsource_misc
http://labs.mwrinfosecurity.com/files/Advisories/mwri_linux-usb-buffer-overflow_2009-10-29.pdf
Issue Tracking, Patch, Third Party Advisory x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=722393
Scores
CVSS v3
6.8
EPSS
0.0064
EPSS Percentile
70.6%
Attack Vector
PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-120
Status
published
Products (2)
linux/linux_kernel
< 2.6.27
redhat/enterprise_linux
4.0
Published
Feb 11, 2020
Tracked Since
Feb 18, 2026