4.9

CVE-2016-2184

EPSS 0.19%
Veröffentlicht 27.04.2016 17:59:09
Zuletzt bearbeitet 06.05.2026 22:30:45
Quelle secalert@redhat.com
CVE-Watchlists
Login
Unerledigt
Login

The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) via a crafted endpoints value in a USB device descriptor.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 30

NVD 14 VulnDex Vulnerability Enrichment 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version <= 4.5.0

Canonical ≫ Ubuntu Linux Version12.04 SwEditionlts

Novell ≫ Suse Linux Enterprise Software Development Kit Version11.0 Updatesp4

Novell ≫ Suse Linux Enterprise Software Development Kit Version12.0

Novell ≫ Suse Linux Enterprise Debuginfo Version11.0 Updatesp4

Novell ≫ Suse Linux Enterprise Desktop Version12.0

Novell ≫ Suse Linux Enterprise Live Patching Version12.0

Novell ≫ Suse Linux Enterprise Module For Public Cloud Version12.0

Novell ≫ Suse Linux Enterprise Real Time Extension Version11.0 Updatesp4

Novell ≫ Suse Linux Enterprise Real Time Extension Version12.0 Updatesp1

Novell ≫ Suse Linux Enterprise Server Version11.0 Updateextra

Novell ≫ Suse Linux Enterprise Server Version11.0 Updatesp4

Novell ≫ Suse Linux Enterprise Server Version12.0

Novell ≫ Suse Linux Enterprise Workstation Extension Version12.0

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.19%	0.401

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.6	0.9	3.6	CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	4.9	3.9	6.9	AV:L/AC:L/Au:N/C:N/I:N/A:C

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html

https://source.android.com/security/bulletin/2016-11-01.html

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html

http://www.debian.org/security/2016/dsa-3607

http://www.ubuntu.com/usn/USN-2968-1

http://www.ubuntu.com/usn/USN-2968-2

http://www.ubuntu.com/usn/USN-2969-1

http://www.ubuntu.com/usn/USN-2970-1

http://www.ubuntu.com/usn/USN-2971-1

http://www.ubuntu.com/usn/USN-2971-2

http://www.ubuntu.com/usn/USN-2971-3

http://www.ubuntu.com/usn/USN-2996-1

Third Party Advisory

http://www.ubuntu.com/usn/USN-2997-1

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html

Third Party Advisory

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0f886ca12765d20124bd06291c82951fd49a33be

Vendor Advisory

http://seclists.org/bugtraq/2016/Mar/102

Third Party Advisory

VDB Entry

http://seclists.org/bugtraq/2016/Mar/88

Third Party Advisory

VDB Entry

http://seclists.org/bugtraq/2016/Mar/89

Third Party Advisory

VDB Entry

http://www.securityfocus.com/bid/84340

https://bugzilla.redhat.com/show_bug.cgi?id=1317012

Third Party Advisory

VDB Entry

Issue Tracking

https://github.com/torvalds/linux/commit/0f886ca12765d20124bd06291c82951fd49a33be

Vendor Advisory

https://www.exploit-db.com/exploits/39555/

https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2016-2184

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-2184

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-2184

EUVD