CVE-2009-4067 (retired)

Priority
Description
A buffer overflow flaw was found in the Linux kernel's Auerswald PBX/System
Telephone usb driver implementation. There's no upstream patch as the affected
driver was removed from the kernel in 2.6.27.
Ubuntu-Description
It was discovered that the Auerswald usb driver incorrectly handled lengths
of the USB string descriptors. A local attacker with physical access could
insert a specially crafted USB device and gain root privileges.
Package
Upstream:needed
Package
Upstream:needed
Package
Upstream:needed
Package
Upstream:needed
Package
Upstream:needed
Package
Upstream:needed
More Information

Updated: 2019-03-26 11:49:39 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)