Bug 1283390
Summary: | CVE-2016-2188 Local RedHat Enterprise Linux DoS – RHEL 7.1 Kernel crashes on invalid USB device descriptors (iowarrior driver) [local-DoS] | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Ralf Spenneberg <ralf> | ||||||||
Component: | kernel | Assignee: | Don Zickus <dzickus> | ||||||||
kernel sub component: | USB | QA Contact: | Mike Gahagan <mgahagan> | ||||||||
Status: | CLOSED WONTFIX | Docs Contact: | |||||||||
Severity: | high | ||||||||||
Priority: | unspecified | CC: | sergej, vdronov | ||||||||
Version: | 7.1 | Keywords: | Security, SecurityTracking | ||||||||
Target Milestone: | rc | ||||||||||
Target Release: | 7.3 | ||||||||||
Hardware: | Unspecified | ||||||||||
OS: | Unspecified | ||||||||||
Whiteboard: | |||||||||||
Fixed In Version: | Doc Type: | Release Note | |||||||||
Doc Text: | Story Points: | --- | |||||||||
Clone Of: | Environment: | ||||||||||
Last Closed: | 2016-03-18 13:53:35 UTC | Type: | Bug | ||||||||
Regression: | --- | Mount Type: | --- | ||||||||
Documentation: | --- | CRM: | |||||||||
Verified Versions: | Category: | --- | |||||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||||
Embargoed: | |||||||||||
Bug Depends On: | |||||||||||
Bug Blocks: | 1317018 | ||||||||||
Attachments: |
|
Description
Ralf Spenneberg
2015-11-18 20:55:24 UTC
Created attachment 1096320 [details]
vUSBf Payload
Created attachment 1096322 [details]
Stacktrace
Created attachment 1096325 [details]
Arduino firmware demonstrating the bug
CVE-2016-2188 which is Red Hat's private CVE ID was assigned to this security flaw. Please, use it in the public communications regarding this flaw, thank you. Public via: http://seclists.org/bugtraq/2016/Mar/87 patch sent upstream for CVE-2016-2188 (iowarrior driver) linux-usb@ patch and thread: http://marc.info/?l=linux-usb&m=145796659429788&w=2 http://www.spinics.net/lists/linux-usb/msg137697.html linux-kernel@ patch and thread: http://marc.info/?l=linux-kernel&m=145796658029778&w=2 http://www.spinics.net/lists/kernel/msg2211859.html Thank you for reporting this flaw. The Product Security has rated this flaw as having low security impact (bz#1317018), so the patch is currently not planned to be added to the RHEL source trees. If accepted to the upstream, the patch may get to the RHEL trees later at the next USB subsystem code rebase. |