Issue 813323 link

Starred by 1 user

Issue metadata

Status:	WontFix
Owner:	groeck@chromium.org
Closed:	Feb 2018
Cc:	wonderfly@google.com zsm@chromium.org chromeos-kernel-security-bug-access@google.com
Components:	OS>Kernel
EstimatedDays:	----
NextAction:	----
OS:	Chrome
Pri:	3
Type:	Bug-Security
Vomit Security_Impact-None Security_Severity-High

CVE-2017-16913 CrOS: Vulnerability reported in Linux kernel

Project Member Reported by vomit.go...@appspot.gserviceaccount.com, Feb 17 2018

Issue description

VOMIT (go/vomit) has received an external vulnerability report for the Linux kernel. 

Advisory: CVE-2017-16913
  Details: http://vomit.googleplex.com/advisory?id=CVE/CVE-2017-16913
  CVSS severity score: 7.1/10.0
  Description:

The "stub_recv_cmd_submit()" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 when handling CMD_SUBMIT packets allows attackers to cause a denial of service (arbitrary memory allocation) via a specially crafted USB over IP packet.



This bug was filed by http://go/vomit
Please contact us at vomit-team@google.com if you need any assistance.

Comment 1 by groeck@chromium.org, Feb 17 2018

Cc: wonderfly@google.com zsm@chromium.org
Labels: Security_Severity-High Security_Impact-None Pri-3
Owner: groeck@chromium.org
Status: WontFix (was: Untriaged)

USBIP is not enabled in chromeos images. Fixed in both chromeos-4.4 and chromeos-4.14 with stable release merges. WontFix in older kernels since not enabled there and impossible to test.

►

Issue 813323 link

Issue metadata

CVE-2017-16913 CrOS: Vulnerability reported in Linux kernel

Issue description

Comment 1 by groeck@chromium.org, Feb 17 2018

Comment 1 Deleted

Sign in to add a comment