oss-sec mailing list archives
Re: CVE Request: bad USB host adapter implementation can corrupt memory/brick machine
From: Marcus Meissner <meissner () suse de>
Date: Thu, 2 Jun 2016 14:00:51 +0200
On Thu, Jun 02, 2016 at 01:57:57PM +0200, Adam Maris wrote:
On 02/06/16 11:10, Marcus Meissner wrote:Hi, reported here: https://marc.info/?l=linux-usb&m=146480770532266&w=2 issue is that the Frescologic device id 1009 host controller apparently has a broken XHCI STREAMS implementation which would lead to memory corruptions Redhat might have already assigned a CVE. I am not sure if this is controllable for code execution, but at least USB devices can be used to brick a machine with the kernel running (local denial of service)? Ciao, MarcusRed Hat hasn't assigned CVE. Overall, this has only minor security implications. Bricking machine doesn't seem to be easily reproducible, since on the second tested mobo it merely showed as a random memory corruption and hard locked system. It requires specific class of external usb devices getting plugged into machine with specific broken xhci controller.
Hmm. Yes, if it cannot be attacker driven, then we could consider it a bug only. Ciao, Marcus
Current thread:
- CVE Request: bad USB host adapter implementation can corrupt memory/brick machine Marcus Meissner (Jun 02)
- Re: CVE Request: bad USB host adapter implementation can corrupt memory/brick machine Adam Maris (Jun 02)
- Re: CVE Request: bad USB host adapter implementation can corrupt memory/brick machine Marcus Meissner (Jun 02)
- Re: CVE Request: bad USB host adapter implementation can corrupt memory/brick machine Adam Maris (Jun 02)