Linux Kernel Function Packet Handling Remote Buffer Overflow

High Log Correlation Engine Plugin ID 801970

Synopsis

The host is using a Linux kernel which is vulnerable to a buffer overflow attack.

Description

Linux Kernel contains an overflow condition in the usbip_recv_xbuff() function in drivers/usb/usbip/usbip_common.c. The issue is triggered as user-supplied input is not properly validated when handling a crafted packet. This may allow a remote attacker to cause a buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.

Solution

Upgrade to Linux kernel 4.5.2-1 or later.

See Also

https://bugzilla.suse.com/show_bug.cgi?id=975945

https://www.suse.com/support/update/announcement/2016/suse-su-20161203-1.html

Plugin Details

Severity: High

ID: 801970

Published: 2016/06/01

Risk Information

Risk Factor: High

CVSSv2

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

Patch Publication Date: 2016/03/17

Vulnerability Publication Date: 2016/04/20

Reference Information

CVE: CVE-2016-3955