CVE-2013-1860

Опубликовано: 12 мар. 2013

Источник: redhat

CVSS2: 6.9

Описание

Heap-based buffer overflow in the wdm_in_callback function in drivers/usb/class/cdc-wdm.c in the Linux kernel before 3.8.4 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted cdc-wdm USB device.

Отчет

This issue does not affect the version of the kernel package as shipped with Red Hat Enterprise Linux 5. This issue affects the versions of Linux kernel as shipped with Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2. Future kernel updates for Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2 may address this issue.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 5	kernel	Not affected
Red Hat Enterprise Linux 6	kernel	Fixed	RHSA-2014:0328	25.03.2014
Red Hat Enterprise MRG 2	kernel-rt	Fixed	RHSA-2013:0829	20.05.2013
RHEV 3.X Hypervisor and Agents for RHEL-6	rhev-hypervisor6	Fixed	RHSA-2014:0339	31.03.2014

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

https://bugzilla.redhat.com/show_bug.cgi?id=921970kernel: usb: cdc-wdm buffer overflow triggered by device

6.9 Medium

CVSS2

Связанные уязвимости

CVE-2013-1860

ubuntu

около 12 лет назад

CVE-2013-1860

nvd

около 12 лет назад

CVE-2013-1860

debian

около 12 лет назад

Heap-based buffer overflow in the wdm_in_callback function in drivers/ ...

GHSA-fw94-fp28-prw3

github

около 3 лет назад

ELSA-2014-0328

oracle-oval

около 11 лет назад

ELSA-2014-0328: kernel security and bug fix update (IMPORTANT)

6.9 Medium

CVSS2