CVE-2015-5257 - OpenCVE

drivers/usb/serial/whiteheat.c in the Linux kernel before 4.2.4 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a crafted USB device. NOTE: this ID was incorrectly used for an Apache Cordova issue that has the correct ID of CVE-2015-8320.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:L/AC:L/Au:N/C:N/I:N/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

Configuration 1 [-]

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cbb4be652d374f64661137756b8f357a1827d6a4
http://www.debian.org/security/2015/dsa-3372
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.2.4
http://www.openwall.com/lists/oss-security/2015/09/23/1
http://www.securityfocus.com/bid/76834
http://www.ubuntu.com/usn/USN-2792-1
http://www.ubuntu.com/usn/USN-2794-1
http://www.ubuntu.com/usn/USN-2795-1
http://www.ubuntu.com/usn/USN-2798-1
http://www.ubuntu.com/usn/USN-2799-1
https://bugzilla.redhat.com/show_bug.cgi?id=1265607
https://github.com/torvalds/linux/commit/cbb4be652d374f64661137756b8f357a1827d6a4
https://nvd.nist.gov/vuln/detail/CVE-2015-5257
https://www.cve.org/CVERecord?id=CVE-2015-5257

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2015-11-16T11:00:00

Updated: 2024-08-06T06:41:08.906Z

Reserved: 2015-07-01T00:00:00

Link: CVE-2015-5257

Vulnrichment

No data.

NVD

Status : Modified

Published: 2015-11-16T11:59:03.430

Modified: 2023-11-07T02:26:06.810

Link: CVE-2015-5257

Redhat

Severity : Low

Publid Date: 2015-09-22T00:00:00Z

Links: CVE-2015-5257 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-09-22T00:00:00", "descriptions": [{"lang": "en", "value": "drivers/usb/serial/whiteheat.c in the Linux kernel before 4.2.4 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a crafted USB device. NOTE: this ID was incorrectly used for an Apache Cordova issue that has the correct ID of CVE-2015-8320."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-12-05T22:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "DSA-3372", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2015/dsa-3372"}, {"name": "76834", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/76834"}, {"name": "USN-2792-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2792-1"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cbb4be652d374f64661137756b8f357a1827d6a4"}, {"name": "USN-2794-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2794-1"}, {"name": "USN-2799-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2799-1"}, {"name": "USN-2795-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2795-1"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1265607"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/torvalds/linux/commit/cbb4be652d374f64661137756b8f357a1827d6a4"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.2.4"}, {"name": "[oss-security] 20150922 Vulnerability in WhiteHEAT Linux Driver-CVE-2015-5257", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2015/09/23/1"}, {"name": "USN-2798-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2798-1"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T06:41:08.906Z"}, "title": "CVE Program Container", "references": [{"name": "DSA-3372", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2015/dsa-3372"}, {"name": "76834", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/76834"}, {"name": "USN-2792-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2792-1"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cbb4be652d374f64661137756b8f357a1827d6a4"}, {"name": "USN-2794-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2794-1"}, {"name": "USN-2799-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2799-1"}, {"name": "USN-2795-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2795-1"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1265607"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/torvalds/linux/commit/cbb4be652d374f64661137756b8f357a1827d6a4"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.2.4"}, {"name": "[oss-security] 20150922 Vulnerability in WhiteHEAT Linux Driver-CVE-2015-5257", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2015/09/23/1"}, {"name": "USN-2798-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2798-1"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2015-5257", "datePublished": "2015-11-16T11:00:00", "dateReserved": "2015-07-01T00:00:00", "dateUpdated": "2024-08-06T06:41:08.906Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "2F1B9081-FA4D-426C-B2DE-78AEA0BB6DB1", "versionEndIncluding": "4.2.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "drivers/usb/serial/whiteheat.c in the Linux kernel before 4.2.4 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a crafted USB device. NOTE: this ID was incorrectly used for an Apache Cordova issue that has the correct ID of CVE-2015-8320."}, {"lang": "es", "value": "drivers/usb/serial/whiteheat.c en el kernel Linux en versiones anteriores a 4.2.4 permite a atacantes f\u00edsicamente pr\u00f3ximos causar una denegaci\u00f3n de servicio (referencia a puntero NULL y OOPS) o posiblemente tener otro impacto no especificado a trav\u00e9s de un dispositivo USB manipulado. NOTA: este ID se utiliz\u00f3 de manera incorrecta para un problema de Apache Cordova que tiene el ID correcto CVE-2015-8320."}], "evaluatorComment": "<a href=\"http://cwe.mitre.org/data/definitions/476.html\">CWE-476: NULL Pointer Dereference</a>", "id": "CVE-2015-5257", "lastModified": "2023-11-07T02:26:06.810", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-11-16T11:59:03.430", "references": [{"source": "secalert@redhat.com", "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cbb4be652d374f64661137756b8f357a1827d6a4"}, {"source": "secalert@redhat.com", "url": "http://www.debian.org/security/2015/dsa-3372"}, {"source": "secalert@redhat.com", "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.2.4"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2015/09/23/1"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/76834"}, {"source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-2792-1"}, {"source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-2794-1"}, {"source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-2795-1"}, {"source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-2798-1"}, {"source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-2799-1"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1265607"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://github.com/torvalds/linux/commit/cbb4be652d374f64661137756b8f357a1827d6a4"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: NULL pointer dereference in USB WhiteHEAT serial driver", "id": "1265607", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1265607"}, "csaw": false, "cvss": {"cvss_base_score": "4.0", "cvss_scoring_vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C", "status": "draft"}, "cwe": "CWE-476", "details": ["drivers/usb/serial/whiteheat.c in the Linux kernel before 4.2.4 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a crafted USB device. NOTE: this ID was incorrectly used for an Apache Cordova issue that has the correct ID of CVE-2015-8320.", "A denial of service vulnerability was found in the WhiteHEAT USB Serial Driver (whiteheat_attach function in drivers/usb/serial/whiteheat.c). In the driver, the COMMAND_PORT variable was hard coded and set to 4 (5th element). The driver assumed that the number of ports would always be 5 and used port number 5 as the command port. However, when using a USB device in which the number of ports was set to a number less than 5 (for example, 3), the driver triggered a kernel NULL-pointer dereference. A non-privileged attacker could use this flaw to panic the host."], "name": "CVE-2015-5257", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:enterprise_mrg:2", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise MRG 2"}], "public_date": "2015-09-22T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2015-5257\nhttps://nvd.nist.gov/vuln/detail/CVE-2015-5257"], "statement": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6, 7 and MRG-2.\nThis has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.", "threat_severity": "Low"}