Vulnerability Details : CVE-2016-2548
sound/core/timer.c in the Linux kernel before 4.4.1 retains certain linked lists after a close or stop action, which allows local users to cause a denial of service (system crash) via a crafted ioctl call, related to the (1) snd_timer_close and (2) _snd_timer_stop functions.
Vulnerability category: Input validation, Denial of service
Products affected by CVE-2016-2548
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-2548
- 0.18%: Probability of exploitation activity in the next 30 days
- ~55%: Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-2548
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.9 | MEDIUM | AV:L/AC:L/Au:N/C:N/I:N/A:C | 3.9 | 6.9 | NIST | |
6.2 | MEDIUM | CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 2.5 | 3.6 | NIST | |
CWE ids for CVE-2016-2548
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-2548
-
http://www.ubuntu.com/usn/USN-2930-3
USN-2930-3: Linux kernel (Raspberry Pi 2) vulnerabilities | Ubuntu security notices
-
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html
[security-announce] SUSE-SU-2016:0911-1: important: Security update for
-
http://www.ubuntu.com/usn/USN-2930-2
USN-2930-2: Linux kernel (Wily HWE) vulnerabilities | Ubuntu security notices
-
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html
[security-announce] SUSE-SU-2016:1102-1: important: Security update for
-
https://bugzilla.redhat.com/show_bug.cgi?id=1311568
1311568 – (CVE-2016-2548) CVE-2016-2548 kernel: sound: linked lists of slave instances not unlinked immediately
-
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html
[security-announce] SUSE-SU-2016:2074-1: important: Security update for
-
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b5a663aa426f4884c71cd8580adae73f33570f0d
kernel/git/torvalds/linux.git - Linux kernel source tree (Vendor Advisory)
-
http://www.ubuntu.com/usn/USN-2932-1
USN-2932-1: Linux kernel (Vivid HWE) vulnerabilities | Ubuntu security notices
-
http://www.debian.org/security/2016/dsa-3503
Debian -- Security Information -- DSA-3503-1 linux
-
http://www.ubuntu.com/usn/USN-2931-1
USN-2931-1: Linux kernel (Utopic HWE) vulnerabilities | Ubuntu security notices
-
http://www.securityfocus.com/bid/83383
Linux Kernel CVE-2016-2548 Multiple Local Denial of Service Vulnerabilities
-
http://www.ubuntu.com/usn/USN-2967-2
USN-2967-2: Linux kernel (OMAP4) vulnerabilities | Ubuntu security notices
-
http://www.ubuntu.com/usn/USN-2929-2
USN-2929-2: Linux kernel (Trusty HWE) vulnerabilities | Ubuntu security notices
-
http://www.ubuntu.com/usn/USN-2929-1
USN-2929-1: Linux kernel vulnerabilities | Ubuntu security notices
-
http://www.openwall.com/lists/oss-security/2016/01/19/1
oss-security - Security bugs in Linux kernel sound subsystem
-
http://www.securitytracker.com/id/1035306
Linux Kernel Sound Driver Linked List Race Condition Lets Local Users Cause Denial of Service Conditions on the Target System - SecurityTracker
-
http://www.ubuntu.com/usn/USN-2930-1
USN-2930-1: Linux kernel vulnerabilities | Ubuntu security notices
-
https://github.com/torvalds/linux/commit/b5a663aa426f4884c71cd8580adae73f33570f0d
ALSA: timer: Harden slave timer list handling · torvalds/linux@b5a663a · GitHub (Patch; Vendor Advisory)
-
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1
-
http://www.ubuntu.com/usn/USN-2967-1
USN-2967-1: Linux kernel vulnerabilities | Ubuntu security notices