Linux kernel built with Edgeport USB serial converter driver io_ti, is vulnerable to a NULL pointer dereference flaw. It happens if the device is disconnected while in use. A user able to read/write from /dev/ttyUSB? file could use this flaw to crash the system, resulting in DoS. Upstream fix: ------------- -> https://git.kernel.org/linus/1ee0a224bc9aad1de496c795f96bc6ba2c394811
Statement: This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5. This issue affects the version of Linux kernel as shipped with Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2. Future kernel updates for Red Hat Enterprise MRG 2 may address this issue.
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2013:0744 https://rhn.redhat.com/errata/RHSA-2013-0744.html
This issue has been addressed in following products: MRG for RHEL-6 v.2 Via RHSA-2013:0829 https://rhn.redhat.com/errata/RHSA-2013-0829.html