APPLIED: [SRU][Trusty][Bionic][PATCH 0/1] Fix for CVE-2018-16276
Khaled Elmously
khalid.elmously at canonical.com
Fri Nov 30 04:33:46 UTC 2018
On 2018-11-09 15:33:24 , Kleber Souza wrote:
> https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-16276.html
>
> It was discovered that the YUREX USB device driver for the Linux kernel did
> not properly restrict user space reads or writes. A physically proximate
> attacker could use this to cause a denial of service (system crash) or
> possibly execute arbitrary code.
>
> Clean cherry-pick for Bionic, simple backport for Trusty only for
> context adjustment.
>
> Jann Horn (1):
> USB: yurex: fix out-of-bounds uaccess in read handler
>
> drivers/usb/misc/yurex.c | 23 ++++++-----------------
> 1 file changed, 6 insertions(+), 17 deletions(-)
>
> --
> 2.17.1
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
More information about the kernel-team
mailing list