F5 Networks BIG-IP : Linux kernel vulnerability (K74413297)
Medium Nessus Plugin ID 104194
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionThe report_fixup functions in the HID subsystem in the Linux kernel before 3.16.2 might allow physically proximate attackers to cause a denial of service (out-of-bounds write) via a crafted device that provides a small report descriptor, related to (1) drivers/hid/hid-cherry.c, (2) drivers/hid/hid-kye.c, (3) drivers/hid/hid-lg.c, (4) drivers/hid/hid-monterey.c, (5) drivers/hid/hid-petalynx.c, and (6) drivers/hid/hid-sunplus.c.
An attacker may be able to gain access to unauthorized information, perform unauthorized modification of data, or cause disruption of services. This vulnerability requires physical access to the device.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution K74413297.