The qmi_wwan_bind function in drivers/net/usb/qmi_wwan.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (divide-by-zero error and system crash) or possibly have unspecified other impact via a crafted USB device. Upstream patch: https://patchwork.ozlabs.org/patch/834770/ Bug report: https://groups.google.com/forum/#!msg/syzkaller/0e0gmaX9R0g/9Me9JcY2BQAJ
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1516274]