Bug 1283355
| Summary: | CVE-2016-2184 Local RedHat Enterprise Linux DoS – RHEL 7.1 Kernel crashes on invalid USB device descriptors (snd_usb_audio driver bug1) [local-DoS] | | |
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Ralf Spenneberg <ralf> |
| Component: | kernel | Assignee: | Don Zickus <dzickus> |
| kernel sub component: | USB | QA Contact: | Mike Gahagan <mgahagan> |
| Status: | CLOSED WONTFIX | Docs Contact: | |
| Severity: | high | | |
| Priority: | unspecified | CC: | sergej, vdronov |
| Version: | 7.1 | Keywords: | Security, SecurityTracking |
| Target Milestone: | rc | | |
| Target Release: | 7.3 | | |
| Hardware: | Unspecified | | |
| OS: | Unspecified | | |
| Whiteboard: | | | |
| Fixed In Version: | | Doc Type: | Release Note |
| Doc Text: | | Story Points: | --- |
| Clone Of: | | Environment: | |
| Last Closed: | 2016-03-31 13:34:03 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | | Category: | --- |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | | | |
| Bug Depends On: | | | |
| Bug Blocks: | 1317012 | | |
| Attachments: | | | |
Description
Ralf Spenneberg
2015-11-18 19:31:02 UTC
Created attachment 1096235 [details]
vUSBf Payload
Created attachment 1096236 [details]
Stacktrace
Created attachment 1096237 [details]
Arduino firmware demonstrating the bug
CVE-2016-2184 which is Red Hat's private CVE ID was assigned to this security flaw. Please, use it in the public communications regarding this flaw, thank you.

Public via:
http://seclists.org/bugtraq/2016/Mar/88

upstream patches from Takashi Iwai:
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0f886ca12765d20124bd06291c82951fd49a33be
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=902eb7fd1e4af3ac69b9b30f8373f118c92b9729
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=447d6275f0c21f6cc97a88b3a0c601436a4cdf2a

Thank you for reporting this flaw. The Product Security has rated this flaw as having low security impact (bz#1317012), so the patch is currently not planned to be added to the RHEL source trees. If accepted to the upstream, the patch may get to the RHEL trees later at the next USB subsystem code rebase.