retired/CVE-2017-16534


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

Description: USB: core: harden cdc_parse_cdc_header
References:
Notes:
 bwh> Introduced in 4.4 by commit c40a2c8817e4 "CDC: common parser for extra
 bwh> headers", but there may be similar bugs in individual drivers in older
 bwh> versions.  cdc_ether seems to have missed a length check for
 bwh> USB_CDC_ACM_TYPE.
Bugs:
upstream: released (4.14-rc4) [2e1c42391ff2556387b3cb6308b24f6f65619feb]
4.9-upstream-stable: released (4.9.55) [767f7a2cf33a135fe3f57010b51c3f6e92d7677d]
3.16-upstream-stable: N/A "Vulnerable code not present"
3.2-upstream-stable: N/A "Vulnerable code not present"
sid: released (4.13.10-1)
4.9-stretch-security: released (4.9.65-1)
3.16-jessie-security: N/A "Vulnerable code not present"
3.2-wheezy-security: N/A "Vulnerable code not present"