A vulnerability was found in the Linux kernel's driver for the RIO 500. The driver itself was not designed to allow for multiple RIO500 devices to be plugged into the system. The Rio 500 was an early generation portable MP3 digital audio player produced by Diamond Multimedia which used a USB connection to connect to the computer. According to upstream, this driver is rarely used due to both the rarity of the hardware and that the userspace software migrated to libusb as a transport mechanism.

Reference:
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.8
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3864d33943b4a76c6e64616280e98d2410b1190f
https://syzkaller.appspot.com/bug?id=64aa96c96f594a77eb8d945df21ec76dd35573b3
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1743557]
This was fixed for Fedora with the 5.1.18 stable kernel updates.
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-15212
Mitigation:

As the rio500 module will be auto-loaded when required, its use can be disabled by preventing the module from loading with the following instructions:

    # echo "blacklist rio500" >> /etc/modprobe.d/rio-500.conf
    # echo "install rio500 /bin/false" >> /etc/modprobe.d/rio-500.conf

The system will need to be restarted if the RIO500 modules are loaded. In most circumstances, the kernel modules will be unable to be unloaded while any devices or programs are using the USB device.

If the system requires this module to work correctly, this mitigation may not be suitable.

If you need further assistance, see KCS article https://access.redhat.com/solutions/41278 or contact Red Hat Global Support Services.
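
A way to audit that the mitigation above is actually in effect on a host, as an added example that is not part of the original bug report or Red Hat's tooling. The function name check_rio500_mitigation is hypothetical, and it assumes the configuration lives in the directory used by the instructions (/etc/modprobe.d by default); both paths can be overridden to run it against a fixture.

```shell
#!/bin/sh
# Added example (not from the bug report): verify the rio500 mitigation.
# check_rio500_mitigation is a hypothetical helper name.
#
# Usage: check_rio500_mitigation [MODPROBE_DIR] [PROC_MODULES]
# Prints one finding per line; returns 0 only when both config lines are
# present and the module is not currently loaded.
check_rio500_mitigation() {
    conf_dir=${1:-/etc/modprobe.d}      # assumption: only this directory is checked
    proc_modules=${2:-/proc/modules}
    rc=0

    # "blacklist rio500" stops alias-based auto-loading when the device appears.
    # Anchored at line start so a commented-out entry does not count.
    if ! grep -Eqs '^[[:space:]]*blacklist[[:space:]]+rio500[[:space:]]*$' \
            "$conf_dir"/*.conf; then
        echo "MISSING: blacklist rio500"
        rc=1
    fi

    # "install rio500 /bin/false" makes an explicit modprobe of the module fail too.
    if ! grep -Eqs '^[[:space:]]*install[[:space:]]+rio500[[:space:]]+/bin/false[[:space:]]*$' \
            "$conf_dir"/*.conf; then
        echo "MISSING: install rio500 /bin/false"
        rc=1
    fi

    # The configuration only affects future loads; a module already in memory
    # stays there until it is unloaded or the system is restarted.
    if grep -Eqs '^rio500[[:space:]]' "$proc_modules"; then
        echo "LOADED: rio500 is still in memory; restart required"
        rc=1
    fi

    [ "$rc" -eq 0 ] && echo "OK: rio500 blocked in modprobe config and not loaded"
    return "$rc"
}
```

Calling check_rio500_mitigation with no arguments checks the live system; a non-zero return means at least one of the three conditions from the mitigation text is not met.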