oss-sec mailing list archives
Re: CVE request: Linux kernel: chipidea: allow disabling streaming in host mode
From: Greg KH <greg () kroah com>
Date: Mon, 6 May 2013 08:48:07 -0700
On Mon, May 06, 2013 at 05:40:24PM +0200, Marcus Meissner wrote:
On Sun, May 05, 2013 at 12:37:44AM -0600, Kurt Seifried wrote:On 05/03/2013 05:22 AM, P J P wrote:Hello, Linux kernel built with the ChipIdia Highspeed Dual Role Controller (CONFIG_USB_CHIPIDEA) along with the ChipIdea host controller (CONFIG_USB_CHIPIDEA_HOST) modules, is vulnerable to a kernel crash. It occurs while streaming content over network via USB/Ethernet adapter A user/program could use this flaw to crash the kernel resulting in DoS. Upstream fix: ------------- -> https://git.kernel.org/linus/929473ea05db455ad88cdc081f2adc556b8dc48f Reference: ---------- -> https://bugzilla.redhat.com/show_bug.cgi?id=959210 Thank you. -- Prasad J Pandit / Red Hat Security Response Team DB7A 84C5 D3F9 7CD1 B5EB C939 D048 7860 3655 602BPlease use CVE-2013-2058 for this issue.JFYI, the respective code was added in Linux 3.5 as far as I see.
And given the hardware involved, I really doubt any desktop/server distro ever enabled the driver. Or if they did, I doubt they had any users with this hardware present, it's an embedded USB controller core, so maybe a few Android systems might have it present. thanks, greg k-h
Current thread:
- CVE request: Linux kernel: chipidea: allow disabling streaming in host mode P J P (May 03)
- Re: CVE request: Linux kernel: chipidea: allow disabling streaming in host mode Kurt Seifried (May 04)
- Re: CVE request: Linux kernel: chipidea: allow disabling streaming in host mode Marcus Meissner (May 06)
- Re: CVE request: Linux kernel: chipidea: allow disabling streaming in host mode Greg KH (May 06)
- Re: CVE request: Linux kernel: chipidea: allow disabling streaming in host mode Marcus Meissner (May 06)
- Re: CVE request: Linux kernel: chipidea: allow disabling streaming in host mode Kurt Seifried (May 04)