Linux Kernel ims_pcu_parse_cdc_data() Device Driver Flaw Lets Local Users Cause Denial of Service Conditions on the Target System
|
SecurityTracker Alert ID: 1035441 |
SecurityTracker URL: http://securitytracker.com/id/1035441
|
CVE Reference:
CVE-2016-3689
(Links to External Site)
|
Date: Mar 31 2016
|
Impact:
Denial of service via local system
|
Fix Available: Yes Vendor Confirmed: Yes
|
|
Description:
A vulnerability was reported in the Linux kernel. A physically local user can cause denial of service conditions on the target system.
A physically local user can attach a device with a specially crafted device driver that is missing an interface to trigger a flaw in the ims_pcu_parse_cdc_data() function in the ims-pcu driver and cause the target system to crash.
|
Impact:
A physically local user can cause the target system to crash.
|
Solution:
The vendor has issued a source code fix, available at:
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a0ad220c96692eda76b2e3fd7279f3dcd1d8a8ff
|
Vendor URL: www.kernel.org/ (Links to External Site)
|
Cause:
Access control error
|
|
Message History:
This archive entry has one or more follow-up message(s) listed below.
|
Source Message Contents
|
|
[Original Message Not Available for Viewing]
|
|