4.9

CVE-2016-3140

EPSS 0.16%
Veröffentlicht 02.05.2016 10:59:39
Zuletzt bearbeitet 06.05.2026 22:30:45
Quelle security@opentext.com
CVE-Watchlists
Login
Unerledigt
Login

The digi_port_init function in drivers/usb/serial/digi_acceleport.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 27

NVD 19 VulnDex Vulnerability Enrichment 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Canonical ≫ Ubuntu Linux Version12.04 SwEditionlts

Canonical ≫ Ubuntu Linux Version14.04 SwEditionlts

Linux ≫ Linux Kernel Version <= 4.5.0

Novell ≫ Suse Linux Enterprise Software Development Kit Version11.0 Updatesp4

Novell ≫ Suse Linux Enterprise Software Development Kit Version12.0

Novell ≫ Suse Linux Enterprise Software Development Kit Version12.0 Updatesp1

Novell ≫ Suse Linux Enterprise Debuginfo Version11.0 Updatesp4

Novell ≫ Suse Linux Enterprise Desktop Version12.0

Novell ≫ Suse Linux Enterprise Desktop Version12.0 Updatesp1

Novell ≫ Suse Linux Enterprise Live Patching Version12.0

Novell ≫ Suse Linux Enterprise Module For Public Cloud Version12.0

Novell ≫ Suse Linux Enterprise Real Time Extension Version11.0 Updatesp4

Novell ≫ Suse Linux Enterprise Real Time Extension Version12.0 Updatesp1

Novell ≫ Suse Linux Enterprise Server Version11.0 Updateextra

Novell ≫ Suse Linux Enterprise Server Version11.0 Updatesp4

Novell ≫ Suse Linux Enterprise Server Version12.0

Novell ≫ Suse Linux Enterprise Server Version12.0 Updatesp1

Novell ≫ Suse Linux Enterprise Workstation Extension Version12.0

Novell ≫ Suse Linux Enterprise Workstation Extension Version12.0 Updatesp1

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.16%	0.372

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.6	0.9	3.6	CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	4.9	3.9	6.9	AV:L/AC:L/Au:N/C:N/I:N/A:C

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html

http://www.ubuntu.com/usn/USN-3000-1

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html

http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html

http://www.debian.org/security/2016/dsa-3607

http://www.ubuntu.com/usn/USN-2968-1

http://www.ubuntu.com/usn/USN-2968-2

http://www.ubuntu.com/usn/USN-2970-1

http://www.ubuntu.com/usn/USN-2971-1

http://www.ubuntu.com/usn/USN-2971-2

http://www.ubuntu.com/usn/USN-2971-3

http://www.ubuntu.com/usn/USN-2996-1

http://www.ubuntu.com/usn/USN-2997-1

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html

http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5a07975ad0a36708c6b0a5b9fea1ff811d0b0c1f

http://www.openwall.com/lists/oss-security/2016/03/14/6

http://www.securityfocus.com/bid/84304

https://bugzilla.redhat.com/show_bug.cgi?id=1316995

https://github.com/torvalds/linux/commit/5a07975ad0a36708c6b0a5b9fea1ff811d0b0c1f

https://www.exploit-db.com/exploits/39537/

https://nvd.nist.gov/vuln/detail/CVE-2016-3140

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-3140

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-3140

EUVD