Bug 306591 (CVE-2007-5093) - CVE-2007-5093 kernel PWC driver DoS
Summary: CVE-2007-5093 kernel PWC driver DoS
Alias: CVE-2007-5093
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
Depends On: 308471 308481 308491 308501 308511 308521 308531
TreeView+ depends on / blocked
Reported: 2007-09-26 09:37 UTC by Mark J. Cox
Modified: 2019-09-29 12:21 UTC (History)
8 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2009-06-16 06:45:59 UTC

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2008:0275 0 normal SHIPPED_LIVE Important: kernel security and bug fix update 2008-05-20 09:58:29 UTC
Red Hat Product Errata RHSA-2008:0972 0 normal SHIPPED_LIVE Important: kernel security and bug fix update 2008-11-19 13:44:42 UTC

Description Mark J. Cox 2007-09-26 09:37:20 UTC
Linux Kernel USB PWC Driver Local Denial Of Service Vulnerability
        reported as fixed after

        If a 'pwc' device is disconnected, and a userspace application
        has the device opened, the USB subsystem will be blocked until
        it's closed. This allows attackers to block the entire USB
        subsystem from further use.


Comment 1 Mark J. Cox 2007-09-26 09:40:38 UTC
This is a low/none severity issue; in order to exploit this:

1. a local attacker needs to have the ability to open a connection to the webcam
(which is not the default, only the console user or root would have permissions
to open the connection to the usb port)
2. the attacker needs to convince someone to unplug the webcam

So this attack is only really feasible if the attacker is physically present at
the console (in which case there are much easier ways to DoS the machine).

Comment 3 Red Hat Product Security 2009-06-16 06:45:59 UTC
This issue was addressed in:

Red Hat Enterprise Linux:

Note You need to log in before you can comment on or make changes to this bug.