oss-sec mailing list archives
CVE Request: bad USB host adapter implementation can corrupt memory/brick machine
From: Marcus Meissner <meissner () suse de>
Date: Thu, 2 Jun 2016 11:10:13 +0200
Hi, reported here: https://marc.info/?l=linux-usb&m=146480770532266&w=2 issue is that the Frescologic device id 1009 host controller apparently has a broken XHCI STREAMS implementation which would lead to memory corruptions Redhat might have already assigned a CVE. I am not sure if this is controllable for code execution, but at least USB devices can be used to brick a machine with the kernel running (local denial of service)? Ciao, Marcus
Current thread:
- CVE Request: bad USB host adapter implementation can corrupt memory/brick machine Marcus Meissner (Jun 02)
- Re: CVE Request: bad USB host adapter implementation can corrupt memory/brick machine Adam Maris (Jun 02)
- Re: CVE Request: bad USB host adapter implementation can corrupt memory/brick machine Marcus Meissner (Jun 02)
- Re: CVE Request: bad USB host adapter implementation can corrupt memory/brick machine Adam Maris (Jun 02)