[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] Re: CVE Request: Linux kernel HID: hiddev buffer overflows
From: cve-assign () mitre ! org
Date: 2016-06-26 9:43:57
Message-ID: 20160626094357.1CE236C0717 () smtpvmsrv1 ! mitre ! org
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
> There is a small buffer overflow in the hiddev driver code which seems to have come due
> to a re-factor of the driver in 2008-ish.
>
> If a user-land process calls the hiddev ioctl with the HIDIOCGUSAGES or HIDIOCSUSAGES \
> command, and passes a report id of HID_REPORT_ID_UNKNOWN it bypasses a series of bounds \
> checks. Later in the code the attacker can loop on some controlled value and overwrite
>
> https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=93a2001bdfd5376c3dc2158653034c20392d15c5
>
Use CVE-2016-5829.
- --
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJXb6MwAAoJEHb/MwWLVhi2J5wP/0/8awKnFGpO7tqUTuEQvdfW
+MpW320Q2/GvJD+vzr/QqwOTMfuGa4CTkJi1OeZPdET+zxrxdUJd2e6JGmtvWKBM
4aXeecyvqQYvfs51xvLYYqk6oCPCnlii1QhBgm9AI2lwttfjD9y/h/ek9Fj14CJo
6nNKcZJJub5yUI5YmeXWC+Wu6AfcIndoJoEq1+gsLE63pdLwEOF6iIgCWyj6PDey
oQ87iIkUozv9CjamuMUlw+xB4zfXlOw/ewbMrngV0ii6Hgcau28qBdxxDko9g4nV
SIau0Nhh3LCAfPdo18VAYNs+2wlUI5BGcZ4EDPv97LmVcaRUuFZTLWsZYP8coFvt
VQLXphUOZCIEKmo2aIPYVCQ6QG+1ghjfnfH4AJdpDoYSIq5aEzh2q+UnVRIrOGsy
5NqtJCEgHA+Lv7M1IK9DNUfDEBTA1vOfeT3wCHPtqp+iuZ67J6vG428t/utTV+zc
ymLZ5I1YmAIvpeFDWkYuv/spI67HQ740ySFt2xbw9dF3JZUYqLGU9iN6vOd83Pe4
YxCT99JdejDQeJBYcSR4JdcLCnWMquI44ocNMZmM42LyS9XEUr996ebE6sKhcDNR
HSrAr7bPdeUq4CpmB+cl8/BMXIKK/e/0CgGo26vgmkm7qm2aNUIMHOvD0cjRGB4p
9QjX4Our+cZXGF6a2gIv
=Vb9B
-----END PGP SIGNATURE-----
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic