Vulnerability Note VU#981134
Linux kernel USB drivers do not initialize kernel memory properly
Overview
Various Linux USB drivers contain an information disclosure vulnerability that may expose sensitive segments of kernel memory to users.
Description
USB drivers for several versions the Linux kernel do not properly initialize kernel memory before using it. When an affected USB driver copies uninitialized memory from kernel space to user space (with the copy_to_user function), the previous kernel memory contents will be copied as well. In some cases, this will grant a user inappropriate access to sensitive segments of kernel memory. |
Impact
Users may be able to view sensitive segments of kernel memory. |
Solution
Check with Vendor Users who suspect they are vulnerable are encouraged to check with their vendor to determine the appropriate action to take. |
Systems Affected (Learn More)
| Vendor | Status | Date Notified | Date Updated |
|---|---|---|---|
| Gentoo Linux | Affected | - | 30 Aug 2004 |
| SuSE Inc. | Affected | 22 Oct 2004 | 25 Oct 2004 |
| Ingrian Networks | Not Affected | 22 Oct 2004 | 22 Oct 2004 |
| Connectiva | Unknown | - | 22 Oct 2004 |
| Debian | Unknown | 22 Oct 2004 | 22 Oct 2004 |
| Engarde | Unknown | - | 22 Oct 2004 |
| Hewlett-Packard Company | Unknown | 22 Oct 2004 | 22 Oct 2004 |
| IBM-zSeries | Unknown | 22 Oct 2004 | 22 Oct 2004 |
| IBM eServer | Unknown | 22 Oct 2004 | 22 Oct 2004 |
| Immunix | Unknown | - | 22 Oct 2004 |
| MandrakeSoft | Unknown | - | 22 Oct 2004 |
| MontaVista Software | Unknown | 22 Oct 2004 | 22 Oct 2004 |
| Novell | Unknown | - | 22 Oct 2004 |
| Openwall GNU/*/Linux | Unknown | 22 Oct 2004 | 25 Oct 2004 |
| Red Hat Inc. | Unknown | 22 Oct 2004 | 22 Oct 2004 |
CVSS Metrics (Learn More)
| Group | Score | Vector |
|---|---|---|
| Base | N/A | N/A |
| Temporal | N/A | N/A |
| Environmental | N/A | N/A |
References
- http://www.gentoo.org/security/en/glsa/glsa-200408-24.xml
- http://securityfocus.com/advisories/7104
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0685
- http://www.osvdb.org/displayvuln.php?osvdb_id=9273
- http://www.securitytracker.com/alerts/2004/Aug/1011078.html
Credit
This vulnerability was reported by Tim Yamin.
This document was written by Jeff Gennari.
Other Information
- CVE IDs: CAN-2004-0685
- Date Public: 25 Aug 2004
- Date First Published: 22 Oct 2004
- Date Last Updated: 25 Oct 2004
- Severity Metric: 0.48
- Document Revision: 151
Feedback
If you have feedback, comments, or additional information about this vulnerability, please send us email.
View Notes By
Report a Vulnerability
Please use the Vulnerability Reporting Form to report a vulnerability. Alternatively, you can send us email. Be sure to read our vulnerability disclosure policy.