Bug 1324782 (CVE-2016-3951)
| Summary: | CVE-2016-3951 kernel: crash on invalid USB device descriptors (usbnet driver) | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Andrej Nemec <anemec> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED WONTFIX | QA Contact: | |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | unspecified | CC: | agordeev, aquini, arm-mgr, as.kmr.sinh+redhat, bhu, carnil, dhoward, esammons, fhrbata, gansalmon, iboverma, itamar, jdimopou, jforbes, jkacur, joelsmith, jonathan, jross, jwboyer, kernel-maint, kernel-mgr, kstutsma, lgoncalv, lwang, madhu.chinakonda, matt, mchehab, mcressma, mguzik, nmurray, pholasek, plougher, rt-maint, rvrbovsk, slawomir, vdronov, williams, wmealing |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2016-04-11 13:21:07 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1324815 | ||
| Bug Blocks: | 1317020 | ||
|
Description
Andrej Nemec
2016-04-07 09:41:11 UTC
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1324815] Statement: This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6, 7 and MRG-2. This has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/. kernel-4.4.7-300.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report. The problem still persists with kernel 4.4.7-300.fc23. I have noticed unusual high CPU temperatures after kernel-4.4.7-300.fc23.x86_64 upgrade. Last good version was kernel-4.4.6-301.fc23.x86_64.
*-cpu
description: CPU
product: Core i5 (To Be Filled By O.E.M.)
vendor: Intel Corp.
physical id: 3a
bus info: cpu@0
version: Intel(R) Core(TM) i5-3317U CPU @ 1.70GHz
serial: To Be Filled By O.E.M.
slot: U3E1
size: 1595MHz
capacity: 2600MHz
width: 64 bits
clock: 100MHz
capabilities: x86-64 fpu fpu_exception wp vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf eagerfpu pni pclmulqdq dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm ida arat epb pln pts dtherm tpr_shadow vnmi flexpriority ept vpid fsgsbase smep erms xsaveopt cpufreq
configuration: cores=2 enabledcores=2 threads=4
kernel-4.4.8-200.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report. Gday Ashesh, This bug is specifically about the security issue in usbnet, please create a bug in the Fedora component of this bugzilla. Thanks. |