Описание
In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41.
A use-after-free flaw was found in the driver for the USB Microchip CAN BUS Analyzer Tool. The CAN BUS analysis hardware is not commonly found on server-grade hardware where the flaw exists while a device is removed (physical access) or a kernel module is unloaded (administrative privileges). An attacker must race the code while the device is being unplugged to take advantage of this flaw.
Меры по смягчению последствий
As the mcba_usb odule will be auto-loaded when required, its use can be disabled by preventing the module from loading with the following instructions:
echo "install mcba_usb /bin/true" >> /etc/modprobe.d/disable-mcba_usb.conf
The system will need to be restarted in the unlikely case that the modules are loaded. In most circumstances, the kernel modules will be unable to be unloaded with rmmod while any device has the software in use. If the system requires this module to work correctly, this mitigation may not be suitable, alternative USB can analysers will not suffer this same flaw. If you need further assistance, see KCS article https://access.redhat.com/solutions/41278 or contact Red Hat Global Support Services.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kernel | Not affected | ||
| Red Hat Enterprise Linux 6 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel-alt | Will not fix | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Not affected | ||
| Red Hat Enterprise Linux 8 | kernel | Not affected | ||
| Red Hat Enterprise Linux 8 | kernel-rt | Not affected | ||
| Red Hat Enterprise MRG 2 | kernel-rt | Not affected |
Показывать по
Дополнительная информация
Статус:
6.3 Medium
CVSS3
Связанные уязвимости
In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41.
In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41.
In the Linux kernel before 5.3.11, there is a use-after-free bug that ...
In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41.
Уязвимость драйвера drivers/net/can/usb/mcba_usb.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
6.3 Medium
CVSS3