First published: Sun Jun 07 2015(Updated: )
drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 does not ensure that certain length values are sufficiently large, which allows remote attackers to cause a denial of service (system crash or large loop) or possibly execute arbitrary code via a crafted packet, related to the (1) oz_usb_rx and (2) oz_usb_handle_ep_data functions.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Linux Linux kernel | <3.4.109 | |
Linux Linux kernel | >=3.5<3.10.81 | |
Linux Linux kernel | >=3.11<3.12.45 | |
Linux Linux kernel | >=3.13<3.14.45 | |
Linux Linux kernel | >=3.15<3.16.35 | |
Linux Linux kernel | >=3.17<3.18.18 | |
Linux Linux kernel | >=3.19<4.0.6 | |
Canonical Ubuntu Linux | =14.04 | |
Canonical Ubuntu Linux | =15.10 | |
openSUSE openSUSE | =13.2 | |
debian/linux | 5.10.223-1 5.10.226-1 6.1.115-1 6.1.119-1 6.11.10-1 6.12.5-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.