CVE-2009-4067

Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel before 2.6.27 allows physically proximate attackers to execute arbitrary code, cause a denial of service via a crafted USB device, or take full control of the system.
Classic Buffer Overflow
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 MEDIUM
PHYSICAL
LOW
NONE
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 59%
VendorProductVersion
linuxlinux_kernel
𝑥
< 2.6.27
redhatenterprise_linux
4.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
linux
oneiric
not-affected
natty
not-affected
maverick
not-affected
lucid
not-affected
hardy
Fixed 2.6.24-29.95
released
linux-ec2
oneiric
dne
natty
dne
maverick
ignored
lucid
not-affected
hardy
dne
linux-fsl-imx51
oneiric
dne
natty
dne
maverick
dne
lucid
not-affected
hardy
dne
linux-lts-backport-maverick
oneiric
dne
natty
dne
maverick
dne
lucid
not-affected
hardy
dne
linux-lts-backport-natty
oneiric
dne
natty
dne
maverick
dne
lucid
not-affected
hardy
dne
linux-mvl-dove
oneiric
dne
natty
dne
maverick
not-affected
lucid
not-affected
hardy
dne
linux-ti-omap4
oneiric
not-affected
natty
not-affected
maverick
not-affected
lucid
dne
hardy
dne
Common Weakness Enumeration
References
http://labs.mwrinfosecurity.com/files/Advisories/mwri_linux-usb-buffer-overflow_2009-10-29.pdf
https://bugzilla.redhat.com/show_bug.cgi?id=722393
http://labs.mwrinfosecurity.com/files/Advisories/mwri_linux-usb-buffer-overflow_2009-10-29.pdf
https://bugzilla.redhat.com/show_bug.cgi?id=722393