Date: Thu, 2 Jun 2016 13:57:57 +0200
From: Adam Maris <amaris@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Re: CVE Request: bad USB host adapter implementation can corrupt memory/brick machine

On 02/06/16 11:10, Marcus Meissner wrote:

> Hi,
>
> reported here:
>
> https://marc.info/?l=linux-usb&m=146480770532266&w=2
>
> The issue is that the Fresco Logic device ID 1009 host controller apparently
> has a broken xHCI STREAMS implementation which would lead to memory corruptions
>
> Red Hat might have already assigned a CVE.
>
> I am not sure if this is controllable for code execution, but at least USB devices can be used
> to brick a machine with the kernel running (local denial of service)?
>
> Ciao, Marcus

Red Hat hasn't assigned a CVE. Overall, this has only minor security
implications. Bricking the machine doesn't seem to be easily reproducible,
since on the second tested mobo it merely showed up as random memory
corruption and a hard-locked system. It requires a specific class of
external USB devices getting plugged into a machine with a specific broken
xHCI controller.

-- 
Adam Mariš, Red Hat Product Security
1CCD 3446 0529 81E3 86AF  2D4C 4869 76E7 BEF0 6BC2

