Linux Kernel drivers/net/wireless/rsi/rsi_91x_usb.c Double-Free Vulnerability

By GIXnews


A vulnerability in the Linux Kernel could allow an unauthenticated, remote attacker to access information, modify data, or cause a denial of service (DoS) condition on a targeted system.

The vulnerability exists in the drivers/net/wireless/rsi/rsi_91x_usb.c source code file of the affected software. An attacker could exploit this vulnerability by submitting malicious input to the USB drivers. A successful exploit could allow the attacker to access information, modify data, or cause a DoS condition on the system.

Kernel.org has confirmed the vulnerability and released software updates.

Security Impact Rating: Critical

CVE: CVE-2019-15504

Source:: Cisco Multivendor Vulnerability Alerts