4.9

CVE-2016-2184

The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) via a crafted endpoints value in a USB device descriptor.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.95% 0.776
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.6 0.9 3.6
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 4.9 3.9 6.9
AV:L/AC:L/Au:N/C:N/I:N/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html
https://source.android.com/security/bulletin/2016-11-01.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html
http://www.debian.org/security/2016/dsa-3607
http://www.ubuntu.com/usn/USN-2968-1
http://www.ubuntu.com/usn/USN-2968-2
http://www.ubuntu.com/usn/USN-2969-1
http://www.ubuntu.com/usn/USN-2970-1
http://www.ubuntu.com/usn/USN-2971-1
http://www.ubuntu.com/usn/USN-2971-2
http://www.ubuntu.com/usn/USN-2971-3
http://www.ubuntu.com/usn/USN-2996-1
Third Party Advisory
http://www.ubuntu.com/usn/USN-2997-1
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html
Third Party Advisory
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0f886ca12765d20124bd06291c82951fd49a33be
Vendor Advisory
http://seclists.org/bugtraq/2016/Mar/102
Third Party Advisory
VDB Entry
http://seclists.org/bugtraq/2016/Mar/88
Third Party Advisory
VDB Entry
http://seclists.org/bugtraq/2016/Mar/89
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/84340
https://bugzilla.redhat.com/show_bug.cgi?id=1317012
Third Party Advisory
VDB Entry
Issue Tracking
https://github.com/torvalds/linux/commit/0f886ca12765d20124bd06291c82951fd49a33be
Vendor Advisory
https://www.exploit-db.com/exploits/39555/
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1
Vendor Advisory