Vigil@nce - Linux kernel: five vulnerabilities of USB Device Descriptor
April 2016 by Vigil@nce
This bulletin was written by Vigil@nce : https://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
Several vulnerabilities were announced in the Linux kernel.
Impacted products: Fedora, Linux, openSUSE Leap, SUSE Linux
Enterprise Desktop, SLES.
Severity: 1/4.
Creation date: 11/04/2016.
DESCRIPTION OF THE VULNERABILITY
Several vulnerabilities were announced in the Linux kernel.
An attacker can force a NULL pointer to be dereferenced in
powermate, in order to trigger a denial of service. [severity:1/4;
CVE-2016-2186]
An attacker can force a NULL pointer to be dereferenced in gtco,
in order to trigger a denial of service. [severity:1/4;
CVE-2016-2187]
An attacker can force a NULL pointer to be dereferenced in
iowarrior, in order to trigger a denial of service. [severity:1/4;
CVE-2016-2188]
An attacker can force a NULL pointer to be dereferenced in
snd_usb_audio, in order to trigger a denial of service.
[severity:1/4; CVE-2016-2184]
An attacker can force a NULL pointer to be dereferenced in
ati_remote2, in order to trigger a denial of service.
[severity:1/4; CVE-2016-2185]
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
https://vigilance.fr/vulnerability/Linux-kernel-five-vulnerabilities-of-USB-Device-Descriptor-19331