REDHAT-BUG-1317015: Null Pointer Dereference
First published: Fri Mar 11 2016(Updated: )
A flaw was found in in the Linux kernel's USB device management code which could cause a crash when a device which required powermate driver. The kernel would panic causing null pointer dereference attempting to access non existent endpoints. Product bug: <a class="bz_bug_link bz_status_CLOSED bz_closed bz_public " title="CLOSED WONTFIX - CVE-2016-2186 Local RedHat Enterprise Linux DoS – RHEL 7.1 Kernel crashes on invalid USB device descriptors (powermate driver) [local-DoS]" href="show_bug.cgi?id=1283384">https://bugzilla.redhat.com/show_bug.cgi?id=1283384</a> Public via: <a href="http://seclists.org/bugtraq/2016/Mar/85">http://seclists.org/bugtraq/2016/Mar/85</a> This was assigned <a href="https://access.redhat.com/security/cve/CVE-2016-2186">CVE-2016-2186</a> by Red Hat.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Red Hat Enterprise Linux | >7.1 | |
| Red Hat Kernel-devel |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1283384
- http://seclists.org/bugtraq/2016/Mar/85
- https://access.redhat.com/security/cve/CVE-2016-2186
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1317464
- http://marc.info/?l=linux-input&m=145797215101551&w=2
- http://www.spinics.net/lists/linux-input/msg43675.html
- http://marc.info/?l=linux-usb&m=145796479528669&w=2
- http://www.spinics.net/lists/linux-usb/msg137695.html
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9c6ba456711687b794dcf285856fc14e2c76074f
- https://access.redhat.com/support/policy/updates/errata/
- https://bugzilla.redhat.com/show_bug.cgi?id=1317015
Frequently Asked Questions
What is the severity of REDHAT-BUG-1317015?
The severity of REDHAT-BUG-1317015 is classified as a critical issue due to the potential for kernel panic and system crashes.
How do I fix REDHAT-BUG-1317015?
To fix REDHAT-BUG-1317015, update the Linux kernel to a version where this vulnerability has been patched.
Which software is affected by REDHAT-BUG-1317015?
REDHAT-BUG-1317015 affects Red Hat Enterprise Linux version 7.1 and newer versions of the Linux kernel that utilize the powermate driver.
What type of vulnerability is REDHAT-BUG-1317015?
REDHAT-BUG-1317015 is a flaw in the USB device management code of the Linux kernel that can lead to null pointer dereference.
Is there a known exploit for REDHAT-BUG-1317015?
While there are no widely known exploits for REDHAT-BUG-1317015, the vulnerability poses significant risk and should be addressed promptly.
- agent/type
- agent/last-modified-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2016-2186
- agent/first-publish-date
- agent/source
- agent/description
- agent/severity
- agent/weakness
- agent/references
- agent/event
- agent/tags
- agent/softwarecombine
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/red hat
- canonical/red hat enterprise linux
- vendor/linux
- canonical/red hat kernel-devel