Linux kernel built with the USB Serial Converter support(USB_SERIAL) along with a USB ConnectTech WhiteHEAT Serial Driver(CONFIG_USB_SERIAL_WHITEHEAT) is vulnerable to a memory corruption flaw. It could occur when reading completion commands via USB Request Blocks buffers. A local user with physical access to the system could use this flaw to corrupt kernel memory area or crash the system kernel resulting in DoS. Upstream fix: ------------- -> https://git.kernel.org/linus/6817ae225cd650fb1c3295d769298c38b1eba818
Statement: This issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5, 6, 7 and Red Hat Enterprise MRG 2. Future kernel updates for Red Hat Enterprise Linux 5, 6, 7 and Red Hat Enterprise MRG 2 may address this issue.
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1141411]
This issue has been addressed in the following products: MRG for RHEL-6 v.2 Via RHSA-2014:1318 https://rhn.redhat.com/errata/RHSA-2014-1318.html
IssueDescription: A memory corruption flaw was found in the way the USB ConnectTech WhiteHEAT serial driver processed completion commands sent via USB Request Blocks buffers. An attacker with physical access to the system could use this flaw to crash the system or, potentially, escalate their privileges on the system.
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2014:1843 https://rhn.redhat.com/errata/RHSA-2014-1843.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2014:1971 https://rhn.redhat.com/errata/RHSA-2014-1971.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 6.5 EUS - Server and Compute Node Only Via RHSA-2015:0284 https://rhn.redhat.com/errata/RHSA-2015-0284.html