4.9

CVE-2016-3138

EPSS 0.02%
Veröffentlicht 02.05.2016 10:59:37
Zuletzt bearbeitet 06.05.2026 22:30:45
Quelle security@opentext.com
CVE-Watchlists
Login
Unerledigt
Login

The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both a control and a data endpoint descriptor.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 25

NVD 18 VulnDex Vulnerability Enrichment 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version <= 4.5.0

Canonical ≫ Ubuntu Linux Version12.04 SwEditionlts

Novell ≫ Suse Linux Enterprise Software Development Kit Version11.0 Updatesp4

Novell ≫ Suse Linux Enterprise Software Development Kit Version12.0

Novell ≫ Suse Linux Enterprise Software Development Kit Version12.0 Updatesp1

Novell ≫ Suse Linux Enterprise Debuginfo Version11.0 Updatesp4

Novell ≫ Suse Linux Enterprise Desktop Version12.0

Novell ≫ Suse Linux Enterprise Desktop Version12.0 Updatesp1

Novell ≫ Suse Linux Enterprise Live Patching Version12.0

Novell ≫ Suse Linux Enterprise Module For Public Cloud Version12.0

Novell ≫ Suse Linux Enterprise Real Time Extension Version11.0 Updatesp4

Novell ≫ Suse Linux Enterprise Real Time Extension Version12.0 Updatesp1

Novell ≫ Suse Linux Enterprise Server Version11.0 Updateextra

Novell ≫ Suse Linux Enterprise Server Version11.0 Updatesp4

Novell ≫ Suse Linux Enterprise Server Version12.0

Novell ≫ Suse Linux Enterprise Server Version12.0 Updatesp1

Novell ≫ Suse Linux Enterprise Workstation Extension Version12.0

Novell ≫ Suse Linux Enterprise Workstation Extension Version12.0 Updatesp1

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.047

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.6	0.9	3.6	CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	4.9	3.9	6.9	AV:L/AC:L/Au:N/C:N/I:N/A:C

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html

http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html

http://www.debian.org/security/2016/dsa-3607

http://www.ubuntu.com/usn/USN-2968-1

http://www.ubuntu.com/usn/USN-2968-2

http://www.ubuntu.com/usn/USN-2969-1

http://www.ubuntu.com/usn/USN-2970-1

http://www.ubuntu.com/usn/USN-2971-1

http://www.ubuntu.com/usn/USN-2971-2

http://www.ubuntu.com/usn/USN-2971-3

http://www.ubuntu.com/usn/USN-2996-1

http://www.ubuntu.com/usn/USN-2997-1

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html

http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8835ba4a39cf53f705417b3b3a94eb067673f2c9

http://www.openwall.com/lists/oss-security/2016/03/14/4

https://bugzilla.redhat.com/show_bug.cgi?id=1316204

https://github.com/torvalds/linux/commit/8835ba4a39cf53f705417b3b3a94eb067673f2c9

https://nvd.nist.gov/vuln/detail/CVE-2016-3138

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-3138

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-3138

EUVD