
kernel: multiple vulnerabilities

Package(s): kernel
CVE #(s): CVE-2013-2888 CVE-2013-2889 CVE-2013-2891 CVE-2013-2892 CVE-2013-2893 CVE-2013-2894 CVE-2013-2895 CVE-2013-2896 CVE-2013-2897 CVE-2013-2899 CVE-2013-0343
Created: September 13, 2013
Updated: September 26, 2013
Description:

From the CVE entries:

A Linux kernel built with Human Interface Device bus (CONFIG_HID) support is vulnerable to a memory corruption flaw. It could occur if an HID device sends a malicious HID report with a Report_ID greater than 255. A local user with physical access to the system could use this flaw to crash the system, resulting in DoS, or, potentially, escalate their privileges on the system. (CVE-2013-2888)

A Linux kernel built with Human Interface Device (HID) bus support (CONFIG_HID) along with Zeroplus-based game controller support (CONFIG_HID_ZEROPLUS) is vulnerable to a heap overflow flaw. It could occur when an HID device sends a malicious output report to the kernel driver. A local user with physical access to the system could use this flaw to crash the kernel, resulting in DoS or potential privilege escalation to gain root access via arbitrary code execution. (CVE-2013-2889)

A Linux kernel built with Human Interface Device bus support (CONFIG_HID) along with a driver for the Steelseries SRW-S1 steering wheel (CONFIG_HID_STEELSERIES) is vulnerable to a heap overflow flaw. It could occur when an HID device sends a malicious output report to the kernel driver. A local user with physical access to the system could use this flaw to crash the kernel, resulting in DoS or potential privilege escalation to gain root access via arbitrary code execution. (CVE-2013-2891)

A Linux kernel built with Human Interface Device (CONFIG_HID) bus support along with the Pantherlord/GreenAsia game controller (CONFIG_HID_PANTHERLORD) driver is vulnerable to a heap overflow flaw. It could occur when an HID device sends a malicious output report to the kernel driver. A local user with physical access to the system could use this flaw to crash the kernel, resulting in DoS or potential privilege escalation to gain root access via arbitrary code execution. (CVE-2013-2892)

A Linux kernel built with Human Interface Device (CONFIG_HID) support along with the Logitech force feedback drivers is vulnerable to a heap overflow flaw.

    - CONFIG_LOGITECH_FF
    - CONFIG_LOGIG940_FF
    - CONFIG_LOGIWHEELS_FF
    - CONFIG_LOGIRUMBLEPAD2_FF

It could occur when the HID device sends a malicious output report to the kernel drivers. A local user with physical access to the system could use this flaw to crash the kernel, resulting in DoS or potential privilege escalation to gain root access via arbitrary code execution. (CVE-2013-2893)

A Linux kernel built with Human Interface Device support (CONFIG_HID) along with the Lenovo ThinkPad USB Keyboard with TrackPoint (CONFIG_HID_LENOVO_TPKBD) driver is vulnerable to a heap overflow flaw. It could occur when an HID device sends a malicious output report to the kernel driver. A local user with physical access to the system could use this flaw to crash the kernel, resulting in DoS or potential privilege escalation to gain root access via arbitrary code execution. (CVE-2013-2894)

A Linux kernel built with Human Interface Device (CONFIG_HID) support along with the Logitech Unifying receivers (CONFIG_HID_LOGITECH_DJ) driver is vulnerable to a heap overflow flaw. It could occur when the HID device sends a malicious output report to the kernel driver. A local user with physical access to the system could use this flaw to crash the kernel, resulting in DoS or potential privilege escalation to gain root access via arbitrary code execution. (CVE-2013-2895)

A Linux kernel built with Human Interface Device bus (CONFIG_HID) support along with the N-Trig touch screen driver (CONFIG_HID_NTRIG) is vulnerable to a NULL pointer dereference flaw. It could occur when an HID device sends a malicious output report to the ntrig kernel driver. A local user with physical access to the system could use this flaw to crash the kernel, resulting in DoS or potential privilege escalation to gain root access via arbitrary code execution. (CVE-2013-2896)

A Linux kernel built with the Human Interface Device bus (CONFIG_HID) along with the generic support for HID Multitouch panels (CONFIG_HID_MULTITOUCH) driver is vulnerable to a heap overflow flaw. It could occur when an HID device sends a malicious feature report to the kernel driver. A local user with physical access to the system could use this flaw to crash the kernel, resulting in DoS or potential privilege escalation to gain root access via arbitrary code execution. (CVE-2013-2897)

A Linux kernel built with Human Interface Device (CONFIG_HID) support along with the Minibox PicoLCD devices (CONFIG_HID_PICOLCD) driver is vulnerable to a NULL pointer dereference flaw. It could occur when the HID device sends a malicious output report to the kernel driver. A local user with physical access to the system could use this flaw to crash the kernel, resulting in DoS or potential privilege escalation to gain root access via arbitrary code execution. (CVE-2013-2899)
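Each flaw above is tied to specific build options, so exposure can be checked against a kernel config file. The following script is an added example, not part of the CVE entries or the LWN page: it maps the CONFIG_ options named above to their CVEs and reports the ones a config enables. The function names and the sample config are constructed for illustration, CONFIG_HID_MULTITOUCH is the kernel's spelling of the multitouch option, and CVE-2013-0343 is left out because the page gives no description for it.

```sh
# Added example (not from the advisory): list which of the advisory's CVEs
# apply to a kernel config file, based on the CONFIG_ options it enables.
# option:CVE pairs as given in the advisory text.
HID_CVE_MAP='CONFIG_HID_ZEROPLUS:CVE-2013-2889
CONFIG_HID_STEELSERIES:CVE-2013-2891
CONFIG_HID_PANTHERLORD:CVE-2013-2892
CONFIG_LOGITECH_FF:CVE-2013-2893
CONFIG_LOGIG940_FF:CVE-2013-2893
CONFIG_LOGIWHEELS_FF:CVE-2013-2893
CONFIG_LOGIRUMBLEPAD2_FF:CVE-2013-2893
CONFIG_HID_LENOVO_TPKBD:CVE-2013-2894
CONFIG_HID_LOGITECH_DJ:CVE-2013-2895
CONFIG_HID_NTRIG:CVE-2013-2896
CONFIG_HID_MULTITOUCH:CVE-2013-2897
CONFIG_HID_PICOLCD:CVE-2013-2899'
# config_state FILE OPTION: print y (built in), m (module) or n (not enabled).
config_state() {
    state=$(sed -n "s/^$2=\([ym]\)\$/\1/p" "$1" | head -n 1)
    echo "${state:-n}"
}

# hid_cve_exposure FILE: print "CVE OPTION STATE" for each enabled option.
hid_cve_exposure() {
    hid=$(config_state "$1" CONFIG_HID)
    # The advisory ties every flaw to CONFIG_HID; without it nothing applies.
    if [ "$hid" = n ]; then return 0; fi
    echo "CVE-2013-2888 CONFIG_HID $hid"
    for pair in $HID_CVE_MAP; do
        opt=${pair%%:*}
        st=$(config_state "$1" "$opt")
        if [ "$st" != n ]; then echo "${pair#*:} $opt $st"; fi
    done
}

# Constructed sample config, for demonstration only.
sample_config() {
    cat <<'EOF'
CONFIG_HID=y
CONFIG_HID_NTRIG=m
# CONFIG_HID_PICOLCD is not set
CONFIG_HID_MULTITOUCH=y
CONFIG_LOGITECH_FF=y
EOF
}

demo_cfg=$(mktemp)
sample_config > "$demo_cfg"
hid_cve_exposure "$demo_cfg"
rm -f "$demo_cfg"
```

On a real system, pass the running kernel's config file, commonly /boot/config-$(uname -r). State m means the driver is built as a loadable module rather than into the kernel image.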

Alerts:
Fedora FEDORA-2013-16379 2013-09-13
Fedora FEDORA-2013-16336 2013-09-16
Mandriva MDVSA-2013:242 2013-09-26
Debian DSA-2766-1 2013-09-27
Ubuntu USN-1977-1 2013-09-30
Ubuntu USN-1976-1 2013-09-30


Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds