{"id":"CVE-2017-17975","details":"Use-after-free in the usbtv_probe function in drivers/media/usb/usbtv/usbtv-core.c in the Linux kernel through 4.14.10 allows attackers to cause a denial of service (system crash) or possibly have unspecified other impact by triggering failure of audio registration, because a kfree of the usbtv data structure occurs during a usbtv_video_free call, but the usbtv_video_fail label's code attempts to both access and free this data structure.","modified":"2026-03-15T22:15:33.945029Z","published":"2017-12-30T01:29:00.877Z","related":["SUSE-SU-2018:0785-1","SUSE-SU-2018:0786-1","SUSE-SU-2018:0986-1"],"references":[{"type":"WEB","url":"https://usn.ubuntu.com/3657-1/"},{"type":"WEB","url":"https://usn.ubuntu.com/3653-1/"},{"type":"WEB","url":"https://usn.ubuntu.com/3656-1/"},{"type":"WEB","url":"https://usn.ubuntu.com/3653-2/"},{"type":"WEB","url":"https://usn.ubuntu.com/3654-1/"},{"type":"WEB","url":"https://usn.ubuntu.com/3654-2/"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/102330"},{"type":"ADVISORY","url":"https://www.debian.org/security/2018/dsa-4188"},{"type":"REPORT","url":"http://linuxtesting.org/pipermail/ldv-project/2017-November/001008.html"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"4.14.10"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-17975.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}