An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver.
4.4.0-173.2034.4.0-1101.1124.15.0-1060.62~16.04.14.15.0-1071.764.15.0-1055.594.15.0-88.88~16.04.14.10.0-14.16~16.04.14.10.0-19.21~16.04.14.10.0-20.22~16.04.14.10.0-21.23~16.04.14.10.0-22.24~16.04.14.10.0-24.28~16.04.14.10.0-26.30~16.04.14.11.0-13.19~16.04.14.11.0-14.20~16.04.14.13.0-16.19~16.04.3+13 more4.4.0-1065.724.15.0-1033.36~16.04.14.4.0-1128.137Exploitability
AV:PAC:LPR:NUI:NScope
S:UImpact
C:NI:NA:HCVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H