Linux Kernel ath6kl_usb_alloc_urb_from_pipe Function NULL Pointer Dereference Vulnerability
A vulnerability in the Linux Kernel could allow a local attacker to cause a denial of service (DoS) condition on a targeted system.
The vulnerability is due to a NULL pointer dereference condition that exists in the ath6kl_usb_alloc_urb_from_pipe function, as defined in the drivers/net/wireless/ath/ath6kl/usb.c source code file of the affected software. An attacker with physical access to a targeted system could exploit this vulnerability by inserting a USB device that submits malicious input to the targeted system. A successful exploit could cause a DoS condition on the system.
Proof-of-concept (PoC) code that demonstrates an exploit of this vulnerability is publicly available.
Kernel.org has not confirmed the vulnerability and software updates are not available.
Security Impact Rating: Medium