Linux kernel built with the Human Interface Device bus (CONFIG_HID) or USB Human Interface Device(CONFIG_USB_HID) support is vulnerable to a memory corruption flaw. It could occur if an HID device sends malicious HID report with the Report_ID of greater than 255. A local user with physical access to the system could use this flaw to crash the system resulting in DoS or, potentially, escalate their privileges on the system. Upstream fix: ------------- -> https://git.kernel.org/linus/43622021d2e2b82ea03d883926605bdd0525e1d1
Statement: This issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG 2. Note: user would need physical access to the system to exploit this issue.
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1002543]
kernel-3.10.11-200.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
kernel-3.10.11-100.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report.
This issue has been addressed in following products: MRG for RHEL-6 v.2 Via RHSA-2013:1490 https://rhn.redhat.com/errata/RHSA-2013-1490.html
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2013:1645 https://rhn.redhat.com/errata/RHSA-2013-1645.html
This issue has been addressed in following products: RHEV-H and Agents for RHEL-6 Via RHSA-2013:1527 https://rhn.redhat.com/errata/RHSA-2013-1527.html
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2014:0433 https://rhn.redhat.com/errata/RHSA-2014-0433.html