oss-sec mailing list archives
CVE Request: Linux kernel USB hub invalid memory access in hub_activate()
From: "Cornea, Alexandru" <alexandru.cornea () intel com>
Date: Tue, 23 Feb 2016 13:41:06 +0000
Hello, Quickly plugging in and unplugging a USB hub can lead to a null pointer dereference in kernel (local denial of service) or the USB port to which the hub is connected becomes unusable, for kernel versions 2.6.32 < 4.4. The issue occurs when the USB hub gets disconnected before or while the routine for USB hub activation is running - hub_activate() function. Bug reported on the kernel USB mailing list: http://www.spinics.net/lists/linux-usb/msg132311.html Issue is fixed in kernel 4.4, by commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e50293ef9775c5 Could a CVE please be assigned to this issue? (it has not been previously requested anywhere else) Thanks, Alex --- Regards, Alexandru Cornea Security QA Engineer Intel SSG OTC Romania
Current thread:
- CVE Request: Linux kernel USB hub invalid memory access in hub_activate() Cornea, Alexandru (Feb 23)
- Re: CVE Request: Linux kernel USB hub invalid memory access in hub_activate() cve-assign (Feb 23)