Vulnerability Details : CVE-2016-5829

Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call.

Vulnerability category: OverflowDenial of service

Published 2016-06-27 10:59:14

Updated 2023-01-17 21:16:08

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2016-5829

Probability of exploitation activity in the next 30 days: 0.04%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 8 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2016-5829

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	[email protected]
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	1.8	5.9	[email protected]
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2016-5829

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Assigned by: [email protected] (Primary)

References for CVE-2016-5829

http://www.ubuntu.com/usn/USN-3072-1

Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00048.html

Third Party Advisory

CVEs referencing this url
http://www.ubuntu.com/usn/USN-3071-1

Third Party Advisory

CVEs referencing this url
http://www.ubuntu.com/usn/USN-3072-2

Third Party Advisory

CVEs referencing this url
https://github.com/torvalds/linux/commit/93a2001bdfd5376c3dc2158653034c20392d15c5

Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00049.html

Mailing List;Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00051.html

Mailing List;Third Party Advisory

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2016-2574.html

Third Party Advisory

CVEs referencing this url
http://www.ubuntu.com/usn/USN-3070-1

Third Party Advisory

CVEs referencing this url
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=93a2001bdfd5376c3dc2158653034c20392d15c5

Vendor Advisory
http://www.ubuntu.com/usn/USN-3070-4

Third Party Advisory

CVEs referencing this url
http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html

Third Party Advisory

CVEs referencing this url
http://www.ubuntu.com/usn/USN-3071-2

Third Party Advisory

CVEs referencing this url
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html

Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00050.html

Mailing List;Third Party Advisory

CVEs referencing this url
http://www.ubuntu.com/usn/USN-3070-2

Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html

Mailing List;Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00027.html

Mailing List;Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00053.html

Mailing List;Third Party Advisory

CVEs referencing this url
http://www.ubuntu.com/usn/USN-3070-3

Third Party Advisory

CVEs referencing this url
http://www.openwall.com/lists/oss-security/2016/06/26/2

Mailing List;Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-2006.html

Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html

Mailing List;Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html

Mailing List;Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00052.html

Mailing List;Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html

Mailing List;Third Party Advisory

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2016-2584.html

Third Party Advisory

CVEs referencing this url
http://www.debian.org/security/2016/dsa-3616

Third Party Advisory

CVEs referencing this url
http://www.securityfocus.com/bid/91450

Third Party Advisory;VDB Entry
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00054.html

Mailing List;Third Party Advisory

CVEs referencing this url

Products affected by CVE-2016-5829

Novell » Suse Linux Enterprise Real Time Extension » Version: 12 Update SP1
cpe:2.3:o:novell:suse_linux_enterprise_real_time_extension:12:sp1:*:*:*:*:*:*
Matching versions
Debian » Debian Linux » Version: 8.0
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 3.3 and before (<) 3.10.103
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 3.19 and before (<) 4.1.28
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 4.5 and before (<) 4.6.5
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions before (<) 3.2.82
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 4.2 and before (<) 4.4.16
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 3.15 and before (<) 3.16.37
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 3.17 and before (<) 3.18.37
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 3.11 and before (<) 3.12.62
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 3.13 and before (<) 3.14.74
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 12.04
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 14.04 ESM Edition
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 16.04 ESM Edition
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
Matching versions