Linux kernel digi_port_init DoS Vulnerability (CVE-2016-3140)

Linux kernel digi_port_init DoS Vulnerability (CVE-2016-3140)
Linux kernel digi_port_init DoS Vulnerability (CVE-2016-3140)

Release date:
Updated on:

Affected Systems:

Linux kernel 〈 4.5.1

Description:

CVE (CAN) ID: CVE-2016-3140

Linux Kernel is the Kernel of the Linux operating system.

In versions earlier than Linux kernel 4.5.1, the drivers/usb/serial/digi_acceleport.c/digi_port_init function has a security vulnerability. Attackers with close physical locations use the endpoint value constructed in the USB device descriptor, this vulnerability may cause denial of service.

<* Source: Adam Mari & #353;
*>

Suggestion:

Vendor patch:

Linux
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit? Id = 5a07975ad0a36708c6b0a5b9fea1ff811d0b0c1f

Http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1

How to install Linux Kernel 4.4 on Ubuntu

Linux Kernel 4.2.2 compilation and installation tutorial

Ubuntu 15.10 will use the Linux Kernel 4.2 Kernel

How to install Kernel 4.0.2 on CentOS 7

How to install Linux Kernel 4.0 on CentOS 7

How to install Linux kernel 4.0 on Ubuntu/CentOS?

How to install Linux kernel 13.10 On Ubuntu 3.12

How to install the 3.16.7 CKT2 kernel in Ubuntu 14.10, Ubuntu 14.04, and its derivative versions

Linux Kernel: click here
Linux Kernel: click here

This article permanently updates the link address: