UBUNTU-CVE-2015-4003

Details

The oz_usb_handle_ep_data function in drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 allows remote attackers to cause a denial of service (divide-by-zero error and system crash) via a crafted packet.

Affected Packages

linux

Ubuntu 14.04 LTS

Fixed in:

3.13.0-57.95

linux-lts-utopic

Ubuntu 14.04 LTS

Fixed in:

3.16.0-43.58~14.04.1

linux-lts-vivid

Ubuntu 14.04 LTS

Fixed in:

3.19.0-22.22~14.04.1

References

REPORT

http://www.openwall.com/lists/oss-security/2015/06/05/7

REPORT

https://ubuntu.com/security/CVE-2015-4003

ADVISORY

https://ubuntu.com/security/notices/USN-2662-1

ADVISORY

https://ubuntu.com/security/notices/USN-2663-1

ADVISORY

https://ubuntu.com/security/notices/USN-2664-1

ADVISORY

https://ubuntu.com/security/notices/USN-2665-1

ADVISORY

https://ubuntu.com/security/notices/USN-2666-1

ADVISORY

https://ubuntu.com/security/notices/USN-2667-1

REPORT

https://www.cve.org/CVERecord?id=CVE-2015-4003