Date: Mon, 6 May 2013 17:40:24 +0200 From: Marcus Meissner <meissner@...e.de> To: oss-security@...ts.openwall.com, kseifried@...hat.com Subject: Re: CVE request: Linux kernel: chipidea: allow disabling streaming in host mode On Sun, May 05, 2013 at 12:37:44AM -0600, Kurt Seifried wrote: > On 05/03/2013 05:22 AM, P J P wrote: > > Hello, > > > > Linux kernel built with the ChipIdia Highspeed Dual Role > > Controller (CONFIG_USB_CHIPIDEA) along with the ChipIdea host > > controller (CONFIG_USB_CHIPIDEA_HOST) modules, is vulnerable to a > > kernel crash. It occurs while streaming content over network via > > USB/Ethernet adapter > > > > A user/program could use this flaw to crash the kernel resulting in > > DoS. > > > > Upstream fix: ------------- -> > > https://git.kernel.org/linus/929473ea05db455ad88cdc081f2adc556b8dc48f > > > > Reference: ---------- -> > > https://bugzilla.redhat.com/show_bug.cgi?id=959210 > > > > Thank you. -- Prasad J Pandit / Red Hat Security Response Team DB7A > > 84C5 D3F9 7CD1 B5EB C939 D048 7860 3655 602B > > Please use CVE-2013-2058 for this issue. JFYI, the respective code was added in Linux 3.5 as far as I see. Ciao, Marcus
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.