Linux Kernel flexcop_usb_probe Function NULL Pointer Dereference Vulnerability
A vulnerability in the Linux Kernel could allow a local attacker to cause a denial of service (DoS) condition on a targeted system.
The vulnerability is due to a NULL pointer dereference condition that exists in the flexcop_usb_probe function, as defined in the drivers/media/usb/b2c2/flexcop-usb.c source code file of the affected software. An attacker with physical access to a targeted system could exploit this vulnerability by inserting a USB device that submits malicious input to the targeted system. A successful exploit could cause a DoS condition on the system.
Proof-of-concept (PoC) code that demonstrates an exploit of this vulnerability is publicly available.
Kernel.org has not confirmed the vulnerability and software updates are not available.
Security Impact Rating: Medium