How severe is CVE-2017-8924?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.6 out of 10.

What type of vulnerability is CVE-2017-8924?

This is classified as CWE-191, which is a common weakness in software security.

CVE-2017-8924

MEDIUM Year: 2017

CVSS v3 Score

4.6

Medium

CVSS v2 Score

2.1

Low

Weakness Type

CWE-191

View all →

Vulnerability Description

The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow.

CVE-2023-20635

MEDIUM

CVSS:4.4(Medium)

In keyinstall, there is a possible information disclosure due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not n...

CWE-1912023

CVE-2023-24911

MEDIUM

CVSS:4.3(Medium)

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

CWE-1912023

CVE-2024-50594

MEDIUM

CVSS:4.3(Medium)

An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted series of network requests can lead to denial o...

CWE-1912024

CVE-2024-50595

MEDIUM

CVSS:4.3(Medium)

CWE-1912024

CVE-2024-50596

MEDIUM

CVSS:4.3(Medium)

An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service. A...

CWE-1912024