Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Linux Kernel Function Packet Handling Remote Buffer Overflow

High

Synopsis

The host is using a Linux kernel which is vulnerable to a buffer overflow attack.

Description

Linux Kernel contains an overflow condition in the usbip_recv_xbuff() function in drivers/usb/usbip/usbip_common.c. The issue is triggered as user-supplied input is not properly validated when handling a crafted packet. This may allow a remote attacker to cause a buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.

Solution

Upgrade to Linux kernel 4.5.2-1 or later.