CVE-2013-2893

Sažetak

The Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device, related to (1) drivers/hid/hid-lgff.c, (2) drivers/hid/hid-lg3ff.c, and (3) drivers/hid/hid-lg4ff.c.

Reference

http://www.ubuntu.com/usn/USN-2015-1
http://www.ubuntu.com/usn/USN-2024-1
http://marc.info/?l=linux-input&m=137772186714627&w=1
http://rhn.redhat.com/errata/RHSA-2013-1490.html
http://www.ubuntu.com/usn/USN-2039-1
http://www.ubuntu.com/usn/USN-2022-1
http://openwall.com/lists/oss-security/2013/08/28/13
http://www.ubuntu.com/usn/USN-2016-1
http://www.ubuntu.com/usn/USN-2038-1
http://www.ubuntu.com/usn/USN-2020-1
http://www.ubuntu.com/usn/USN-2021-1
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
http://www.ubuntu.com/usn/USN-2019-1
http://www.securityfocus.com/bid/62050
http://www.ubuntu.com/usn/USN-2023-1
http://www.ubuntu.com/usn/USN-2050-1

CVSS

Base:	4.7
Impact:	6.9
Exploitability:	3.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	COMPLETE

CVSS vektor

AV:L/AC:M/Au:N/C:N/I:N/A:C

Zadnje važnije ažuriranje

07-11-2023 - 02:15

Objavljeno

16-09-2013 - 13:01