Early Access — Mondoo Vulnerability Intelligence is currently in preview.

UBUNTU-CVE-2017-16647 | Mondoo Vulnerability Intelligence

UBUNTU-CVE-2017-16647

MEDIUM6.6

drivers/net/usb/asix_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact

Published Nov 7, 2017

Modified 6 months ago

Fix available

Details

drivers/net/usb/asix_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.

Affected Packages

Ubuntu:20.04:LTSlinux

Affected versions:

5.3.0-18.195.3.0-24.26

Fixed in:

5.4.0-9.12

Ubuntu:24.04:LTSlinux

Fixed in:

6.5.0-9.9

Ubuntu:18.04:LTSlinux

Affected versions:

4.13.0-16.194.13.0-17.204.13.0-25.294.13.0-32.35

Fixed in:

4.15.0-10.11

Ubuntu:22.04:LTSlinux

Fixed in:

5.13.0-19.19

Ubuntu:16.04:LTSlinux

Affected versions:

4.2.0-16.194.2.0-17.214.2.0-19.234.3.0-1.104.3.0-2.114.3.0-5.164.3.0-6.174.3.0-7.18

Fixed in:

4.4.0-2.16

Ubuntu:14.04:LTSlinux

Fixed in:

3.11.0-12.19

Ubuntu:22.04:LTSlinux-aws

Fixed in:

5.13.0-1005.6

Ubuntu:18.04:LTSlinux-aws

Fixed in:

4.15.0-1001.1

Ubuntu:14.04:LTSlinux-aws

Fixed in:

4.4.0-1002.2

Ubuntu:24.04:LTSlinux-aws

Fixed in:

6.5.0-1008.8

Ubuntu:16.04:LTSlinux-aws

Fixed in:

4.4.0-1001.10

Ubuntu:20.04:LTSlinux-aws

Affected versions:

5.3.0-1003.35.3.0-1008.95.3.0-1009.105.3.0-1010.11

Fixed in:

5.4.0-1005.5

Ubuntu:20.04:LTSlinux-aws-5.15

Fixed in:

5.15.0-1014.18~20.04.1

Ubuntu:18.04:LTSlinux-aws-5.4

Fixed in:

5.4.0-1018.18~18.04.1

Ubuntu:FIPS:20.04:LTSlinux-aws-fips

Ubuntu:Pro:FIPS-updates:18.04:LTSlinux-aws-fips

Fixed in:

4.15.0-2000.4

Ubuntu:FIPS-updates:18.04:LTSlinux-aws-fips

Ubuntu:FIPS:18.04:LTSlinux-aws-fips

Ubuntu:Pro:FIPS:18.04:LTSlinux-aws-fips

Fixed in:

4.15.0-2000.4

Ubuntu:FIPS-updates:22.04:LTSlinux-aws-fips

Affected versions:

5.15.0-1051.56+fips1

Ubuntu:Pro:FIPS-updates:20.04:LTSlinux-aws-fips

Fixed in:

5.4.0-1021.21+fips2

Ubuntu:FIPS-updates:20.04:LTSlinux-aws-fips

Ubuntu:Pro:FIPS-updates:22.04:LTSlinux-aws-fips

Affected versions:

5.15.0-1051.56+fips1

Fixed in:

5.15.0-1052.57+fips1

Ubuntu:Pro:FIPS-preview:22.04:LTSlinux-aws-fips

Affected versions:

5.15.0-1042.47+fips1

Fixed in:

5.15.0-1051.56+fips1

Ubuntu:Pro:FIPS:20.04:LTSlinux-aws-fips

Fixed in:

5.4.0-1021.21+fips2

Ubuntu:FIPS-preview:22.04:LTSlinux-aws-fips

Affected versions:

5.15.0-1042.47+fips1

Ubuntu:16.04:LTSlinux-aws-hwe

Fixed in:

4.15.0-1030.31~16.04.1

Ubuntu:20.04:LTSlinux-azure

Affected versions:

5.3.0-1003.35.3.0-1008.95.3.0-1009.10

Fixed in:

5.4.0-1006.6

Ubuntu:16.04:LTSlinux-azure

Affected versions:

4.11.0-1009.94.11.0-1011.114.11.0-1013.134.11.0-1014.144.11.0-1015.154.11.0-1016.164.13.0-1005.74.13.0-1006.84.13.0-1007.94.13.0-1009.12+2 more

Fixed in:

4.13.0-1014.17

Ubuntu:24.04:LTSlinux-azure

Fixed in:

6.5.0-1007.7

Ubuntu:22.04:LTSlinux-azure

Fixed in:

5.13.0-1006.7

Ubuntu:18.04:LTSlinux-azure

Fixed in:

4.15.0-1002.2

Ubuntu:14.04:LTSlinux-azure

Fixed in:

4.15.0-1023.24~14.04.1

Ubuntu:18.04:LTSlinux-azure-4.15

Fixed in:

4.15.0-1082.92

Ubuntu:20.04:LTSlinux-azure-5.15

Fixed in:

5.15.0-1007.8~20.04.1

Ubuntu:18.04:LTSlinux-azure-5.4

Fixed in:

5.4.0-1020.20~18.04.1

Ubuntu:22.04:LTSlinux-azure-fde

Fixed in:

5.15.0-1019.24.1

Ubuntu:Pro:20.04:LTSlinux-azure-fde

Affected versions:

5.4.0-1063.66+cvm2.25.4.0-1063.66+cvm3.25.4.0-1064.67+cvm1.15.4.0-1065.68+cvm2.15.4.0-1067.70+cvm1.15.4.0-1068.71+cvm1.15.4.0-1069.72+cvm1.15.4.0-1070.73+cvm1.15.4.0-1072.75+cvm1.15.4.0-1073.76+cvm1.1+16 more

Ubuntu:20.04:LTSlinux-azure-fde-5.15

Fixed in:

5.15.0-1019.24~20.04.1.1

Ubuntu:Pro:FIPS-updates:20.04:LTSlinux-azure-fips

Fixed in:

5.4.0-1022.22+fips1

Ubuntu:Pro:FIPS-updates:22.04:LTSlinux-azure-fips

Affected versions:

5.15.0-1053.61+fips1

Fixed in:

5.15.0-1058.66+fips1

Ubuntu:Pro:FIPS:18.04:LTSlinux-azure-fips

Fixed in:

4.15.0-1002.2

Ubuntu:Pro:FIPS-preview:22.04:LTSlinux-azure-fips

Fixed in:

5.15.0-1053.61+fips1

Ubuntu:Pro:FIPS-updates:18.04:LTSlinux-azure-fips

Fixed in:

4.15.0-1002.2

Ubuntu:Pro:FIPS:20.04:LTSlinux-azure-fips

Fixed in:

5.4.0-1022.22+fips1

Ubuntu:20.04:LTSlinux-bluefield

Fixed in:

5.4.0-1007.10

Ubuntu:22.04:LTS:for:NVIDIA:BlueFieldlinux-bluefield

Fixed in:

5.15.0-1011.13

Ubuntu:FIPS:16.04:LTSlinux-fips

Ubuntu:Pro:FIPS:16.04:LTSlinux-fips

Fixed in:

4.4.0-1003.3

Ubuntu:Pro:FIPS:16.04:LTSlinux-fips

Fixed in:

4.4.0-1001.1

Ubuntu:Pro:FIPS-updates:18.04:LTSlinux-fips

Fixed in:

4.15.0-1027.32

Ubuntu:Pro:FIPS-preview:22.04:LTSlinux-fips

Fixed in:

5.15.0-73.80+fips1

Ubuntu:Pro:FIPS-updates:20.04:LTSlinux-fips

Fixed in:

5.4.0-1026.30

Ubuntu:Pro:FIPS:20.04:LTSlinux-fips

Fixed in:

5.4.0-1007.8

Ubuntu:Pro:FIPS:18.04:LTSlinux-fips

Fixed in:

4.15.0-1011.12

Ubuntu:Pro:FIPS-updates:22.04:LTSlinux-fips

Affected versions:

5.15.0-73.80+fips1

Fixed in:

5.15.0-92.102+fips1

Ubuntu:16.04:LTSlinux-gcp

Affected versions:

4.10.0-1004.44.10.0-1006.64.10.0-1007.74.10.0-1008.84.10.0-1009.94.13.0-1002.54.13.0-1006.94.13.0-1007.104.13.0-1008.114.13.0-1011.15

Fixed in:

4.13.0-1012.16

Ubuntu:18.04:LTSlinux-gcp

Fixed in:

4.15.0-1001.1

Ubuntu:24.04:LTSlinux-gcp

Fixed in:

6.5.0-1007.7

Ubuntu:20.04:LTSlinux-gcp

Affected versions:

5.3.0-1004.45.3.0-1009.105.3.0-1011.12

Fixed in:

5.4.0-1005.5

Ubuntu:22.04:LTSlinux-gcp

Fixed in:

5.13.0-1005.6

Ubuntu:18.04:LTSlinux-gcp-4.15

Fixed in:

4.15.0-1071.81

Ubuntu:20.04:LTSlinux-gcp-5.15

Fixed in:

5.15.0-1006.9~20.04.1

Ubuntu:18.04:LTSlinux-gcp-5.4

Fixed in:

5.4.0-1019.19~18.04.2

Ubuntu:Pro:FIPS-updates:22.04:LTSlinux-gcp-fips

Fixed in:

5.15.0-1048.56+fips1

Ubuntu:Pro:FIPS:20.04:LTSlinux-gcp-fips

Fixed in:

5.4.0-1021.21+fips1

Ubuntu:Pro:FIPS:18.04:LTSlinux-gcp-fips

Fixed in:

4.15.0-1001.1

Ubuntu:Pro:FIPS-preview:22.04:LTSlinux-gcp-fips

Fixed in:

5.15.0-1048.56+fips1

Ubuntu:Pro:FIPS-updates:20.04:LTSlinux-gcp-fips

Fixed in:

5.4.0-1021.21+fips1

Ubuntu:Pro:FIPS-updates:18.04:LTSlinux-gcp-fips

Fixed in:

4.15.0-2013.14

Ubuntu:Pro:20.04:LTSlinux-gke

Affected versions:

5.4.0-1033.355.4.0-1035.375.4.0-1036.385.4.0-1037.395.4.0-1039.415.4.0-1041.435.4.0-1042.445.4.0-1043.455.4.0-1044.465.4.0-1046.48+41 more

Ubuntu:24.04:LTSlinux-gke

Fixed in:

6.8.0-1003.5

Ubuntu:22.04:LTSlinux-gke

Fixed in:

5.15.0-1002.2

Ubuntu:22.04:LTSlinux-gkeop

Fixed in:

5.15.0-1001.2

Ubuntu:24.04:LTSlinux-gkeop

Fixed in:

6.8.0-1001.3

Ubuntu:20.04:LTSlinux-gkeop

Fixed in:

5.4.0-1008.9

Ubuntu:20.04:LTSlinux-gkeop-5.15

Fixed in:

5.15.0-1003.5~20.04.2

Ubuntu:16.04:LTSlinux-hwe

Affected versions:

4.10.0-27.30~16.04.24.10.0-28.32~16.04.24.10.0-30.34~16.04.14.10.0-32.36~16.04.14.10.0-33.37~16.04.14.10.0-35.39~16.04.14.10.0-37.41~16.04.14.10.0-38.42~16.04.14.10.0-40.44~16.04.14.10.0-42.46~16.04.1+21 more

Fixed in:

4.13.0-41.46~16.04.1

Ubuntu:20.04:LTSlinux-hwe-5.15

Fixed in:

5.15.0-33.34~20.04.1

Ubuntu:18.04:LTSlinux-hwe-5.4

Fixed in:

5.4.0-37.41~18.04.1

Ubuntu:22.04:LTSlinux-hwe-6.8

Fixed in:

6.8.0-38.38~22.04.1

Ubuntu:18.04:LTSlinux-hwe-edge

Fixed in:

5.0.0-15.16~18.04.1

Ubuntu:22.04:LTSlinux-ibm

Fixed in:

5.15.0-1002.2

Ubuntu:24.04:LTSlinux-ibm

Fixed in:

6.5.0-1009.9

Ubuntu:20.04:LTSlinux-ibm

Fixed in:

5.4.0-1003.4

Ubuntu:20.04:LTSlinux-ibm-5.15

Fixed in:

5.15.0-1033.36~20.04.1

Ubuntu:18.04:LTSlinux-ibm-5.4

Fixed in:

5.4.0-1010.11~18.04.2

Ubuntu:Pro:22.04:LTS:Realtime:Kernellinux-intel-iot-realtime

Fixed in:

5.15.0-1021.26

Ubuntu:22.04:LTSlinux-intel-iot-realtime

Affected versions:

5.15.0-1073.75

Ubuntu:22.04:LTS:Realtime:Kernellinux-intel-iot-realtime

Ubuntu:22.04:LTSlinux-intel-iotg

Fixed in:

5.15.0-1004.6

Ubuntu:20.04:LTSlinux-intel-iotg-5.15

Fixed in:

5.15.0-1003.5~20.04.1

Ubuntu:20.04:LTSlinux-iot

Fixed in:

5.4.0-1001.3

Ubuntu:20.04:LTSlinux-kvm

Affected versions:

5.3.0-1003.35.3.0-1008.95.3.0-1009.10

Fixed in:

5.4.0-1004.4

Ubuntu:22.04:LTSlinux-kvm

Fixed in:

5.13.0-1004.4

Ubuntu:18.04:LTSlinux-kvm

Fixed in:

4.15.0-1002.2

Ubuntu:16.04:LTSlinux-kvm

Fixed in:

4.4.0-1004.9

Ubuntu:22.04:LTSlinux-lowlatency

Fixed in:

5.15.0-22.22

Ubuntu:24.04:LTSlinux-lowlatency

Fixed in:

6.5.0-9.9.1

Ubuntu:20.04:LTSlinux-lowlatency-hwe-5.15

Fixed in:

5.15.0-33.34~20.04.1

Ubuntu:22.04:LTSlinux-lowlatency-hwe-6.8

Fixed in:

6.8.0-38.38.1~22.04.2

Ubuntu:14.04:LTSlinux-lts-xenial

Fixed in:

4.4.0-13.29~14.04.1

Ubuntu:24.04:LTSlinux-nvidia

Fixed in:

6.8.0-1007.7

Ubuntu:22.04:LTSlinux-nvidia

Fixed in:

5.15.0-1005.5

Ubuntu:22.04:LTSlinux-nvidia-6.5

Fixed in:

6.5.0-1004.4

Ubuntu:22.04:LTSlinux-nvidia-6.8

Fixed in:

6.8.0-1008.8~22.04.1

Ubuntu:24.04:LTSlinux-nvidia-lowlatency

Fixed in:

6.8.0-1009.9.1

Ubuntu:16.04:LTSlinux-oem

Affected versions:

4.13.0-1008.94.13.0-1010.114.13.0-1012.134.13.0-1015.164.13.0-1017.184.13.0-1019.204.13.0-1020.214.13.0-1021.23

Fixed in:

4.13.0-1022.24

Ubuntu:18.04:LTSlinux-oem

Fixed in:

4.15.0-1002.3

Ubuntu:24.04:LTSlinux-oem-6.8

Fixed in:

6.8.0-1003.3

Ubuntu:24.04:LTSlinux-oracle

Fixed in:

6.5.0-1010.10

Ubuntu:18.04:LTSlinux-oracle

Fixed in:

4.15.0-1007.9

Ubuntu:22.04:LTSlinux-oracle

Fixed in:

5.13.0-1008.10

Ubuntu:16.04:LTSlinux-oracle

Fixed in:

4.15.0-1007.9~16.04.1

Ubuntu:20.04:LTSlinux-oracle

Affected versions:

5.3.0-1002.25.3.0-1007.85.3.0-1008.9

Fixed in:

5.4.0-1005.5

Ubuntu:20.04:LTSlinux-oracle-5.15

Fixed in:

5.15.0-1007.9~20.04.1

Ubuntu:18.04:LTSlinux-oracle-5.4

Fixed in:

5.4.0-1019.19~18.04.1

Ubuntu:24.04:LTSlinux-raspi

Fixed in:

6.5.0-1005.7

Ubuntu:22.04:LTSlinux-raspi

Fixed in:

5.13.0-1008.9

Ubuntu:20.04:LTSlinux-raspi

Fixed in:

5.4.0-1007.7

Ubuntu:18.04:LTSlinux-raspi-5.4

Fixed in:

5.4.0-1013.13~18.04.1

Ubuntu:24.04:LTSlinux-raspi-realtime

Affected versions:

6.8.0-2019.20

Ubuntu:Pro:24.04:LTS:Realtime:Kernellinux-raspi-realtime

Fixed in:

6.7.0-2001.1

Ubuntu:24.04:LTS:Realtime:Kernellinux-raspi-realtime

Ubuntu:Pro:20.04:LTSlinux-raspi2

Affected versions:

5.3.0-1007.85.3.0-1014.165.3.0-1015.175.3.0-1017.195.4.0-1004.45.4.0-1006.6

Ubuntu:18.04:LTSlinux-raspi2

Affected versions:

4.13.0-1005.54.13.0-1006.64.13.0-1008.8

Fixed in:

4.15.0-1006.7

Ubuntu:Pro:22.04:LTS:Realtime:Kernellinux-realtime

Fixed in:

5.15.0-1006.6

Ubuntu:22.04:LTSlinux-realtime

Affected versions:

5.15.0-1032.35

Ubuntu:24.04:LTSlinux-realtime

Fixed in:

6.8.1-1015.16

Ubuntu:Pro:24.04:LTS:Realtime:Kernellinux-realtime

Fixed in:

6.8.0-1008.19

Ubuntu:24.04:LTSlinux-riscv

Fixed in:

6.5.0-9.9.1

Ubuntu:Pro:20.04:LTSlinux-riscv

Affected versions:

5.4.0-24.285.4.0-26.305.4.0-27.315.4.0-28.325.4.0-30.345.4.0-31.355.4.0-33.375.4.0-34.385.4.0-36.415.4.0-37.42+2 more

Ubuntu:22.04:LTSlinux-riscv

Affected versions:

5.13.0-1004.45.13.0-1006.6+22.04.15.13.0-1007.7+22.04.15.13.0-1010.11+22.04.15.15.0-1004.45.15.0-1005.55.15.0-1006.65.15.0-1007.75.15.0-1008.85.15.0-1011.12+13 more

Ubuntu:20.04:LTSlinux-riscv-5.15

Fixed in:

5.15.0-1015.17~20.04.1

Ubuntu:22.04:LTSlinux-riscv-6.8

Fixed in:

6.8.0-38.38.1~22.04.1

Ubuntu:22.04:LTSlinux-xilinx-zynqmp

Fixed in:

5.15.0-1022.26

Ubuntu:20.04:LTSlinux-xilinx-zynqmp

Fixed in:

5.4.0-1020.24

References

REPORThttps://groups.google.com/d/msg/syzkaller/_9a6pd-p_0E/OnmnplQuAgAJ REPORThttps://patchwork.ozlabs.org/patch/834686/REPORThttps://ubuntu.com/security/CVE-2017-16647 REPORThttps://ubuntu.com/security/notices/USN-3617-1 REPORThttps://ubuntu.com/security/notices/USN-3617-2 REPORThttps://ubuntu.com/security/notices/USN-3617-3 REPORThttps://www.cve.org/CVERecord?id=CVE-2017-16647

CVSS Analysis

CVSS v3.0

6.6

Exploitability

Attack Vector

PhysicalAV:P

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

Scope

UnchangedS:U

Impact

Confidentiality

HighC:H

Integrity

HighI:H

Availability

HighA:H

CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Related

CVE-2017-16647 USN-3617-1 USN-3617-2 USN-3617-3

Timeline

PublishedNov 7, 2017

ModifiedJun 24, 2025