PT-2013-3438 · Linux+4 · Linux Kernel+4
Published: 2013-03-22 · Updated: 2023-10-05
CVE-2013-1860
CVSS v2.0: 6.9 (Medium)
Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 3.8.4
Description
The issue is related to a heap-based buffer overflow in the wdm_in_callback function. This can be exploited by physically proximate attackers using a crafted cdc-wdm USB device, potentially leading to a denial of service or arbitrary code execution.
Recommendations
For Linux kernel versions prior to 3.8.4, update to version 3.8.4 or later to resolve the issue. As a temporary workaround, consider restricting the use of cdc-wdm USB devices until a patch is applied.
Exploit
Fix
DoS
Buffer Overflow
Affected Products
ALT Linux
CentOS
Linux Kernel
Red Hat
SUSE