Red Hat Bugzilla – Bug 197610
CVE-2006-2936 Possible DoS in write routine of ftdi_sio driver
Last modified: 2007-11-30 17:07:26 EST
Patch from Ian Abbott <firstname.lastname@example.org>
This patch limits the amount of outstanding 'write' data that can be queued up
for the ftdi_sio driver, to prevent userspace DoS attacks (or simple accidents)
that use up all the system memory by writing lots of data to the serial port.
Created attachment 132097 [details]
Candidate #1 - Abbreviated version for RHEL-4
I threw out the unrelated garbage from the receive path.
committed in stream E5 build 42.0.1. A test kernel with this patch is available
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.
committed in stream U5 build 42.4. A test kernel with this patch is available