The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel allows local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling. Upstream patch: https://github.com/torvalds/linux/commit/30572418b445d85fcfe6c8fe84c947d2606767d8
Statement: Red Hat Product Security has rated this issue as having Low security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1457213]
This was fixed for Fedora with the 4.10.4 stable update which first shipped to Fedora releases in March.