Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <alpine.LFD.2.03.1302271852440.8716@erqung.pbz>
Date: Wed, 27 Feb 2013 19:39:50 +0530 (IST)
From: P J P <ppandit@...hat.com>
To: oss security list <oss-security@...ts.openwall.com>
Subject: CVE request: Linux kernel: USB: io_ti: NULL pointer dereference

   Hello,

Linux kernel built with Edgeport USB serial converter driver io_ti, is 
vulnerable to a NULL pointer dereference flaw. It happens if the device is 
disconnected while corresponding /dev/ttyUSB? file is in use.

An unprivileged user could use this flaw to crash the system, resulting DoS.

Upstream fix:
-------------
  -> https://git.kernel.org/linus/1ee0a224bc9aad1de496c795f96bc6ba2c394811

Reference:
----------
  -> https://bugzilla.redhat.com/show_bug.cgi?id=916191

Thank you.
--
Prasad J Pandit / Red Hat Security Response Team
DB7A 84C5 D3F9 7CD1 B5EB  C939 D048 7860 3655 602B

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.