Bug 1743502 (CVE-2018-20961)
Summary: | CVE-2018-20961 kernel: double free vulnerability in function f_midi_set_alt in drivers/usb/gadget/function/f_midi.c causing denial of service | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Dhananjay Arunesh <darunesh> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED NOTABUG | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | acaringi, airlied, bhu, blc, brdeoliv, bskeggs, dhoward, dvlasenk, esammons, fhrbata, hdegoede, hkrzesin, iboverma, ichavero, itamar, jarodwilson, jeremy, jforbes, jglisse, jlelli, john.j5live, jonathan, josef, jross, jshortt, jstancek, jwboyer, kernel-maint, kernel-mgr, labbott, lgoncalv, linville, masami256, matt, mchehab, mcressma, mjg59, mlangsdo, nmurray, plougher, rt-maint, rvrbovsk, steved, williams, yozone |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: |
A vulnerability was found in the Linux kernel’s implementation of generic USB MIDI device handling. Some USB gadgets have multiple 'modes' devices that can switch between modes and possibly cause a double-free flaw. An attacker could use this flaw to cause a denial of service and possible memory corruption or privilege escalation.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2020-02-20 14:09:35 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1743503 | ||
Bug Blocks: | 1743511 |
Description
Dhananjay Arunesh
2019-08-20 07:07:28 UTC
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1743503] This was fixed for Fedora in the 4.16.4 stable updates. Mitigation: Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability. Reproducer: No reproducer exists at this time. This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2018-20961 |