CVE-2020-11609

CVSS v3.1 4.3 (Medium)

CVSS v2.0 4.9 (Medium)

EPSS 0.05 % (18^th)

Affected Products 2

Advisories 14

An issue was discovered in the stv06xx subsystem in the Linux kernel before 5.6.1. drivers/media/usb/gspca/stv06xx/stv06xx.c and drivers/media/usb/gspca/stv06xx/stv06xx_pb0100.c mishandle invalid descriptors, as demonstrated by a NULL pointer dereference, aka CID-485b06aadb93.

Weaknesses

CWE-476: NULL Pointer Dereference

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2020-04-07 17:15:14
(4 years ago)
Updated Date: 2020-06-13 09:15:12
(4 years ago)

Affected Products

Canonical

Ubuntu Linux

Linux

Linux Kernel

Configuration #1

		CPE23	From	Up To
	Linux Kernel prior 5.6.1 version	cpe:2.3:o:linux:linux_kernel		< 5.6.1

Configuration #2

		CPE23	From	Up To
	Canonical Ubuntu Linux 16.04	cpe:2.3:o:canonical:ubuntu_linux:16.04:::*:lts
	Canonical Ubuntu Linux 18.04	cpe:2.3:o:canonical:ubuntu_linux:18.04:::*:lts