CVE-2013-2892

Опубликовано: 29 авг. 2013

Источник: redhat

CVSS2: 6.2

EPSS Низкий

Описание

drivers/hid/hid-pl.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_PANTHERLORD is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device.

Отчет

This issue does not affect the version of the kernel package as shipped with Red Hat Enterprise Linux 5. This issue affects the versions of Linux kernel as shipped with Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2. Future kernel updates for Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2 may address this issue. Note: user would need physical access to the system to exploit this issue.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 5	kernel	Not affected
Red Hat Enterprise Linux 7	kernel	Not affected
Red Hat Enterprise Linux 6	kernel	Fixed	RHSA-2013:1645	20.11.2013
Red Hat Enterprise MRG 2	kernel-rt	Fixed	RHSA-2013:1490	31.10.2013
RHEV 3.X Hypervisor and Agents for RHEL-6	rhev-hypervisor6	Fixed	RHSA-2013:1527	21.11.2013

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-122

https://bugzilla.redhat.com/show_bug.cgi?id=1000429Kernel: HID: pantherlord: heap overflow flaw

EPSS

Процентиль: 21%

0.00068

Низкий

6.2 Medium

CVSS2

Связанные уязвимости

CVE-2013-2892

ubuntu

почти 12 лет назад

CVE-2013-2892

nvd

почти 12 лет назад

CVE-2013-2892

debian

почти 12 лет назад

drivers/hid/hid-pl.c in the Human Interface Device (HID) subsystem in ...

GHSA-xwjf-v823-v896

github

около 3 лет назад

ELSA-2013-2583

oracle-oval

больше 11 лет назад

ELSA-2013-2583: Unbreakable Enterprise Kernel security update (IMPORTANT)

EPSS

Процентиль: 21%

0.00068

Низкий

6.2 Medium

CVSS2