1. Home
  2. CVE Database
  3. CVE-2015-7566
MEDIUM · 4.6

CVE-2015-7566

The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash...

Vulnerability Description

The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a bulk-out endpoint.

CVSS Score

4.6

MEDIUM

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
NovellSuse Linux Enterprise Software Development Kit11
NovellSuse Linux Enterprise Debuginfo11
NovellSuse Linux Enterprise Real Time Extension11
NovellSuse Linux Enterprise Server11
LinuxLinux Kernel<= 4.4.1

References

FAQ

What is CVE-2015-7566?

CVE-2015-7566 is a vulnerability with a CVSS score of 4.6 (MEDIUM). The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash...

How severe is CVE-2015-7566?

CVE-2015-7566 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-7566?

Check the references section above for vendor advisories and patch information. Affected products include: Novell Suse Linux Enterprise Software Development Kit, Novell Suse Linux Enterprise Debuginfo, Novell Suse Linux Enterprise Real Time Extension, Novell Suse Linux Enterprise Server, Linux Linux Kernel.