Vulnerability Description
The lcd_write function in drivers/usb/misc/usblcd.c in the Linux kernel before 2.6.22-rc7 does not limit the amount of memory used by a caller, which allows local users to cause a denial of service (memory consumption).
CVSS Score
4.9
MEDIUM
AV:L/AC:L/Au:N/C:N/I:N/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | <= 2.6.22 |
References
- http://osvdb.org/37116
- http://secunia.com/advisories/25895
- http://secunia.com/advisories/26139
- http://secunia.com/advisories/26450
- http://secunia.com/advisories/26643
- http://secunia.com/advisories/26664
- http://secunia.com/advisories/27212
- http://secunia.com/advisories/27227
- http://secunia.com/advisories/27322
- http://www.debian.org/security/2007/dsa-1356
- http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.22-rc7
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:195
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:196
- http://www.novell.com/linux/security/advisories/2007_51_kernel.html
- http://www.novell.com/linux/security/advisories/2007_53_kernel.html
FAQ
What is CVE-2007-3513?
CVE-2007-3513 is a vulnerability with a CVSS score of 4.9 (MEDIUM). The lcd_write function in drivers/usb/misc/usblcd.c in the Linux kernel before 2.6.22-rc7 does not limit the amount of memory used by a caller, which allows local users to cause a denial of service (m...
How severe is CVE-2007-3513?
CVE-2007-3513 has been rated MEDIUM with a CVSS base score of 4.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-3513?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.