VDB

CVE-2017-5549

CVE-2017-5549 PUBLISHED

The klsi_105_get_line_state function in drivers/usb/serial/kl5kusb105.c in the Linux kernel before 4.9.5 places uninitialized heap-memory contents into a log entry upon a failure to read the line status, which allows local users to obtain sensitive information by reading the log.

EPSS 0.08% · 24.1th percentile

Risk Scores

EPSS Score
0.08%
24.1th percentile

Affected Products

VendorProductVersions
Ubuntu:20.04:LTSlinux-raspi25.3.0-1017.19, 0, 5.3.0-1014.16
Ubuntu:20.04:LTSlinux-azure-fde5.4.0-1085.90+cvm2.1, 5.4.0-1085.90+cvm1.1, 5.4.0-1083.87+cvm1.1
Ubuntu:16.04:LTSlinux-raspi24.4.0-1010.13, 4.4.0-1012.16, 4.4.0-1017.23
Ubuntu:16.04:LTSlinux-hwe*, 0, 4.8.0-36.36~16.04.1
Ubuntu:16.04:LTSlinux4.4.0-8.23, 4.3.0-6.17, 4.3.0-7.18
Ubuntu:16.04:LTSlinux-aws0, 4.4.0-1001.10
Ubuntu:20.04:LTSlinux-gke5.4.0-1084.90, 5.4.0-1086.93, 5.4.0-1087.94
Ubuntu:14.04:LTSlinux3.13.0-143.192, 0, 3.11.0-12.19
Ubuntu:14.04:LTSlinux-lts-xenial4.4.0-13.29~14.04.1, *, *
Ubuntu:22.04:LTSlinux-riscv5.13.0-1004.4, 0, 5.15.0-1006.6
Ubuntu:22.04:LTSlinux-intel-iot-realtime0, 5.15.0-1073.75
Ubuntu:16.04:LTSlinux-snapdragon4.4.0-1032.36, 4.4.0-1030.33, 4.4.0-1026.29
Ubuntu:20.04:LTSlinux-riscv5.4.0-40.45, 5.4.0-37.42, 5.4.0-36.41
Ubuntu:24.04:LTSlinux-raspi-realtime0, 6.8.0-2019.20
Ubuntu:22.04:LTSlinux-realtime0, 5.15.0-1032.35

Exploit Intelligence

Timeline

  • Feb 6, 2017 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Oct 26, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • Feb 28, 2022 EPSS Score
  • May 2, 2022 EPSS Score
  • Jul 3, 2022 EPSS Score
  • Sep 5, 2022 EPSS Score
  • Nov 6, 2022 EPSS Score
  • Jan 8, 2023 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›