oss-sec mailing list archives

Re: CVE request: Linux kernel: chipidea: allow disabling streaming in host mode

From: Marcus Meissner <meissner () suse de>
Date: Mon, 6 May 2013 17:40:24 +0200

On Sun, May 05, 2013 at 12:37:44AM -0600, Kurt Seifried wrote:

On 05/03/2013 05:22 AM, P J P wrote:

Hello,

Linux kernel built with the ChipIdia Highspeed Dual Role
Controller (CONFIG_USB_CHIPIDEA) along with the ChipIdea host
controller (CONFIG_USB_CHIPIDEA_HOST) modules, is vulnerable to a
kernel crash. It occurs while streaming content over network via
USB/Ethernet adapter

A user/program could use this flaw to crash the kernel resulting in
DoS.

Upstream fix: ------------- ->
https://git.kernel.org/linus/929473ea05db455ad88cdc081f2adc556b8dc48f

 Reference: ---------- ->
https://bugzilla.redhat.com/show_bug.cgi?id=959210

Thank you. -- Prasad J Pandit / Red Hat Security Response Team DB7A
84C5 D3F9 7CD1 B5EB  C939 D048 7860 3655 602B


Please use CVE-2013-2058 for this issue.


JFYI, the respective code was added in Linux 3.5 as far as I see.

Ciao, Marcus

Current thread:

CVE request: Linux kernel: chipidea: allow disabling streaming in host mode P J P (May 03)
- Re: CVE request: Linux kernel: chipidea: allow disabling streaming in host mode Kurt Seifried (May 04)
  - Re: CVE request: Linux kernel: chipidea: allow disabling streaming in host mode Marcus Meissner (May 06)
    - Re: CVE request: Linux kernel: chipidea: allow disabling streaming in host mode Greg KH (May 06)