Quickly plugging in and unplugging a USB hub can lead to a null pointer dereference in the kernel (local denial of service), or the USB port to which the hub is connected becomes unusable, for kernel versions 2.6.32 < 4.4. The issue occurs when the USB hub gets disconnected before or while the routine for USB hub activation, the hub_activate() function, is running.

Upstream patch:
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e50293ef9775c5

External references:
http://www.spinics.net/lists/linux-usb/msg132311.html

CVE-ID request and assignment:
http://seclists.org/oss-sec/2016/q1/404
http://seclists.org/oss-sec/2016/q1/413

This was fixed in 4.3.5 with:

commit 28fb0f5b4fa9b9e201b2c6d781382601b60feee3
Author: Alan Stern <stern.edu>
Date: Wed Dec 16 13:32:38 2015 -0500

    USB: fix invalid memory access in hub_activate()

    commit e50293ef9775c5f1cf3fcc093037dd6a8c5684ea upstream.

Fedora 22 is the only branch still on the 4.3.y kernel series and it is already at 4.3.5 or newer. The remainder of the Fedora branches already contain this fix.

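The ordering described in the report (hub disconnected before the deferred part of hub activation runs), replayed in a simplified user-space model. This is an added example, not kernel code and not the upstream patch; the struct, the function names and the remedy shown (the queued work holds its own reference and checks a disconnected flag) are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>

/* User-space model only; every name below is hypothetical, not a kernel symbol. */
struct hub {
    int  refs;          /* reference count on the hub object */
    bool disconnected;  /* set by the disconnect path */
    bool freed;         /* model only: the object's memory has been released */
};

enum outcome { ACTIVATED, SKIPPED_DISCONNECTED, USED_AFTER_FREE };

static void hub_put(struct hub *h) { if (--h->refs == 0) h->freed = true; }

/* Activation queues deferred work. With 'pin' set, the queued work takes
 * its own reference, so the hub cannot be released underneath it. */
static void activate(struct hub *h, bool pin) { if (pin) h->refs++; }

/* Disconnect marks the hub and drops the driver's reference. */
static void disconnect(struct hub *h)
{
    h->disconnected = true;
    hub_put(h);
}

/* Deferred half of activation, run later by a worker. */
static enum outcome run_delayed_work(struct hub *h, bool pin)
{
    enum outcome r;
    if (h->freed)                  /* in a kernel: invalid memory access */
        return USED_AFTER_FREE;
    r = h->disconnected ? SKIPPED_DISCONNECTED : ACTIVATED;
    if (pin) hub_put(h);           /* release the work's own reference */
    return r;
}

/* Replay one ordering; unplug_early puts the disconnect between
 * queueing the work and running it. */
enum outcome replay(bool pin, bool unplug_early)
{
    struct hub h = { .refs = 1 };
    activate(&h, pin);
    if (unplug_early) disconnect(&h);
    return run_delayed_work(&h, pin);
}

int main(void)
{
    printf("unpinned: %d, pinned: %d\n", replay(false, true), replay(true, true));
    return 0;
}
```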
Statement:

This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 as the code with the flaw is not present in the products listed.

This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 6, 7, and Red Hat Enterprise MRG 2. This has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.