CVE-2016-2384 : Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows p

Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor.

Published 2016-04-27 17:59:12

Updated 2018-01-05 02:30:38

Source Debian GNU/Linux

View at NVD, CVE.org

Vulnerability category: Memory CorruptionDenial of service

Exploit prediction scoring system (EPSS) score for CVE-2016-2384

Probability of exploitation activity in the next 30 days: 0.73%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 79 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2016-2384

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.9	MEDIUM	AV:L/AC:L/Au:N/C:N/I:N/A:C	3.9	6.9	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Complete
4.6	MEDIUM	CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H	0.9	3.6	NIST
Attack Vector: Physical Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

References for CVE-2016-2384

http://www.ubuntu.com/usn/USN-2930-3

USN-2930-3: Linux kernel (Raspberry Pi 2) vulnerabilities | Ubuntu security notices

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00032.html

[security-announce] SUSE-SU-2016:1039-1: important: Security update for

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html

[security-announce] SUSE-SU-2016:0911-1: important: Security update for

CVEs referencing this url
http://www.ubuntu.com/usn/USN-2930-2

USN-2930-2: Linux kernel (Wily HWE) vulnerabilities | Ubuntu security notices

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html

[security-announce] SUSE-SU-2016:1764-1: important: Security update for
Third Party Advisory

CVEs referencing this url
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=07d86ca93db7e5cdf4743564d98292042ec21af7

kernel/git/torvalds/linux.git - Linux kernel source tree
Patch;Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html

[security-announce] SUSE-SU-2016:1102-1: important: Security update for

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00031.html

[security-announce] SUSE-SU-2016:1038-1: important: Security update for

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00027.html

[security-announce] SUSE-SU-2016:1033-1: important: Security update for

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2016-2574.html

RHSA-2016:2574 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00029.html

[security-announce] SUSE-SU-2016:1035-1: important: Security update for

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html

[security-announce] SUSE-SU-2016:2074-1: important: Security update for

CVEs referencing this url
http://www.ubuntu.com/usn/USN-2932-1

USN-2932-1: Linux kernel (Vivid HWE) vulnerabilities | Ubuntu security notices

CVEs referencing this url
http://www.ubuntu.com/usn/USN-2928-2

USN-2928-2: Linux kernel (OMAP4) vulnerability | Ubuntu security notices
http://www.debian.org/security/2016/dsa-3503

Debian -- Security Information -- DSA-3503-1 linux

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2017-0817.html

RHSA-2017:0817 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
http://www.ubuntu.com/usn/USN-2931-1

USN-2931-1: Linux kernel (Utopic HWE) vulnerabilities | Ubuntu security notices

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html

[security-announce] openSUSE-SU-2016:1008-1: important: Security update

CVEs referencing this url
http://www.ubuntu.com/usn/USN-2929-2

USN-2929-2: Linux kernel (Trusty HWE) vulnerabilities | Ubuntu security notices

CVEs referencing this url
http://www.ubuntu.com/usn/USN-2929-1

USN-2929-1: Linux kernel vulnerabilities | Ubuntu security notices

CVEs referencing this url
http://www.securityfocus.com/bid/83256

Linux Kernel CVE-2016-2384 Local Denial of Service Vulnerability
https://github.com/torvalds/linux/commit/07d86ca93db7e5cdf4743564d98292042ec21af7

ALSA: usb-audio: avoid freeing umidi object twice · torvalds/linux@07d86ca · GitHub
Patch
http://www.openwall.com/lists/oss-security/2016/02/14/2

oss-security - CVE Request: Linux: ALSA: usb-audio: double-free triggered by invalid USB descriptor
http://www.ubuntu.com/usn/USN-2928-1

USN-2928-1: Linux kernel vulnerability | Ubuntu security notices
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00026.html

[security-announce] SUSE-SU-2016:1032-1: important: Security update for

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00037.html

[security-announce] SUSE-SU-2016:1046-1: important: Security update for

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00030.html

[security-announce] SUSE-SU-2016:1037-1: important: Security update for

CVEs referencing this url
https://bugzilla.redhat.com/show_bug.cgi?id=1308444

1308444 – (CVE-2016-2384) CVE-2016-2384 kernel: double-free in usb-audio triggered by invalid USB descriptor
Issue Tracking
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00025.html

[security-announce] SUSE-SU-2016:1031-1: important: Security update for

CVEs referencing this url
http://www.ubuntu.com/usn/USN-2930-1

USN-2930-1: Linux kernel vulnerabilities | Ubuntu security notices

CVEs referencing this url
https://github.com/xairy/kernel-exploits/tree/master/CVE-2016-2384

kernel-exploits/CVE-2016-2384 at master · xairy/kernel-exploits · GitHub
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00028.html

[security-announce] SUSE-SU-2016:1034-1: important: Security update for

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2016-2584.html

RHSA-2016:2584 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html

[security-announce] SUSE-SU-2016:1019-1: important: Security update for

CVEs referencing this url
http://www.securitytracker.com/id/1035072

Linux Kernel Double-Free Memory Error in usb-midi Driver Lets Physically Local Users Crash the System or Execute Arbitrary Code - SecurityTracker
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00034.html

[security-announce] SUSE-SU-2016:1041-1: important: Security update for

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00036.html

[security-announce] SUSE-SU-2016:1045-1: important: Security update for

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00033.html

[security-announce] SUSE-SU-2016:1040-1: important: Security update for

CVEs referencing this url

Products affected by CVE-2016-2384

Novell » Suse Linux Enterprise Real Time Extension » Version: 12 Update SP1
cpe:2.3:o:novell:suse_linux_enterprise_real_time_extension:12:sp1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions up to, including, (<=) 4.4.8
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2016-2384

Exploit prediction scoring system (EPSS) score for CVE-2016-2384

CVSS scores for CVE-2016-2384

References for CVE-2016-2384

Products affected by CVE-2016-2384