Red Hat Bugzilla – Bug 1000474
CVE-2013-2898 Kernel: HID: sensor-hub: memory leak flaw
Last modified: 2016-03-04 06:20:33 EST
Linux kernel built with the Human Interface Device bus (CONFIG_HID) along with
the HID Sensors framework support(CONFIG_HID_SENSOR_HUB) is vulnerable to a
memory leakage flaw. It could occur when an HID device sends malicious output
report to the sensor-hub kernel driver.
A local user with physical access to the system could use this flaw to leak
kernel memory bytes.
This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG 2.