CVE-2017-16531
drivers/usb/core/config.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via crafted system calls that use a USB_DT_INTERFACE_ASSOCIATION descriptor.
Source: CVE-2017-16531