Upstream information
Description
The ftdi_sio driver (usb/serial/ftdi_sio.c) in Linux kernel 2.6.x up to 2.6.17, and possibly later versions, allows local users to cause a denial of service (memory consumption) by writing more data to the serial port than the hardware can handle, which causes the data to be queued.NVD CVSS v2 Base Score: 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Novell/SUSE information
Novell Bugzilla entry: 191836 SUSE Security Advisories:- SUSE-SA:2007:018, published Tue, 27 Feb 2007 14:00:00 +0000
- SUSE-SA:2007:021, published Fri, 16 Mar 2007 13:00:00 +0000
- SUSE-SA:2007:030, published Thu, 10 May 2007 11:00:00 +0000
- SUSE-SA:2007:035, published Thu, 14 Jun 2007 16:00:00 +0000
List of released packages
| Product(s) | Fixed package version(s) | References |
|---|---|---|
| SUSE LINUX 9.3 |
| |
| Novell Linux Desktop 9 for x86_64 |
| Builds YOU Patch Nr: 11534 |
| SUSE LINUX 10.1 |
| |
| SUSE LINUX 10.0 |
| |
| SUSE Linux Enterprise Desktop 10 SP1 for x86 |
| sles10.s390x sles10.x86 ZYPP Patch Nr: 2804 |
| SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T |
| sles10.s390x sles10.x86 ZYPP Patch Nr: 2804 |
| SUSE Linux Enterprise Server 10 SP1 for x86 |
| sles10.s390x sles10.x86 ZYPP Patch Nr: 2804 |
| SUSE Linux Enterprise Server 10 SP1 for IPF |
| sles10.s390x sles10.x86 ZYPP Patch Nr: 2804 |
| SUSE Linux Enterprise Server 10 SP1 for IBM POWER |
| sles10.s390x sles10.x86 ZYPP Patch Nr: 2804 |
| SUSE Linux Enterprise Server 10 SP1 for IBM zSeries 64bit |
| sles10.s390x sles10.x86 ZYPP Patch Nr: 2804 |
| SUSE Linux Enterprise Server 10 SP1 for AMD64 and Intel EM64T |
| sles10.s390x sles10.x86 ZYPP Patch Nr: 2804 |
| Novell Linux Desktop 9 for x86 |
| Builds YOU Patch Nr: 11535 |
| Open Enterprise Server |
| Builds YOU Patch Nr: 11535 |