A user could create a specially crafted USB device to exploit this flaw for remote code execution on the system.

A local user with the ability to configure USB devices could be able to exploit this flaw.

There are no known workarounds for this issue. Red Hat has released a patch for this issue: https://access.redhat.com/kb/docs/DOC-2019 Red Hat has released a patch for this issue: https://access.redhat.com/kb/docs/DOC-2019 Red Hat has released a patch for this issue: https://access.redhat.com/kb/docs/DOC-2019 Red Hat has released a patch for this issue: https://access.redhat.com/kb/docs/DOC-2019 Red Hat has released a patch for this issue: https://access.redhat.com/kb/docs/DOC-2019 Red Hat has released a patch for this issue: https://access.redhat.com/kb/docs/DOC-2019 Red Hat has released a patch for this issue: https://access.redhat.com/kb/docs/DOC-2019 Red Hat has released a patch for this issue: https://access.redhat.com/kb/docs/DOC-2019 Red Hat has released a patch for this issue: https://access.redhat.com/kb/docs/DOC-2019 Red Hat has released a patch for this issue: https://

How to identify affected devices?

If you have USB devices connected to your system, then you are affected.

To identify the devices that are vulnerable, you can use the following command:

sudo lsusb | grep Interruptible

This will list all of the USB devices connected to your system. If any of them have a product ID that starts with "Interruptible" then they are affected.

RHEV-M Software version version 4.10.1

A local user could cause a denial of service by exploiting this vulnerability.

There are no known workarounds for this issue. Red Hat has released a patch for this issue: https://access.redhat.com/kb/docs/DOC-2019

References:

- https://access.redhat.com/kb/docs/DOC-2019
- https://www.us-cert.gov/ncas/current-activity/2015/07/11/CVE-2014-9761

Timeline

Published on: 09/19/2022 20:15:00 UTC
Last modified on: 09/21/2022 18:07:00 UTC

References