First published: Fri Oct 02 2020(Updated: )
A flaw use-after-free in the Linux kernel USB High Speed Mobile Devices functionality was found in the way user detaches USB device. A local user could use this flaw to crash the system or escalate their privileges on the system.
Credit: cve@mitre.org cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/kernel-rt | <0:4.18.0-372.9.1.rt7.166.el8 | 0:4.18.0-372.9.1.rt7.166.el8 |
redhat/kernel | <0:4.18.0-372.9.1.el8 | 0:4.18.0-372.9.1.el8 |
Linux Linux kernel | <=5.13.4 | |
Debian Debian Linux | =9.0 | |
Oracle Communications Cloud Native Core Binding Support Function | =22.1.3 | |
Oracle Communications Cloud Native Core Network Exposure Function | =22.1.1 | |
Oracle Communications Cloud Native Core Policy | =22.2.0 | |
debian/linux | 5.10.223-1 5.10.226-1 6.1.115-1 6.1.119-1 6.11.10-1 6.12.5-1 |
To mitigate this issue, prevent the module hso from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.