Lucene search

[email protected]NVD:CVE-2016-2186

HistoryMay 02, 2016 - 10:59 a.m.

CVE-2016-2186

2016-05-0210:59:29

[email protected]

web.nvd.nist.gov

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

4.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

66.0%

JSON

The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

Affected configurations

NVD

Node

linuxlinux_kernelRange≤4.5.0

Node

novellsuse_linux_enterprise_software_development_kitMatch11.0sp4

novellsuse_linux_enterprise_software_development_kitMatch12.0

novellsuse_linux_enterprise_software_development_kitMatch12.0sp1

novellsuse_linux_enterprise_debuginfoMatch11.0sp4

novellsuse_linux_enterprise_desktopMatch12.0

novellsuse_linux_enterprise_desktopMatch12.0sp1

novellsuse_linux_enterprise_live_patchingMatch12.0

novellsuse_linux_enterprise_module_for_public_cloudMatch12.0

novellsuse_linux_enterprise_real_time_extensionMatch11.0sp4

novellsuse_linux_enterprise_real_time_extensionMatch12.0sp1

novellsuse_linux_enterprise_serverMatch11.0extra

novellsuse_linux_enterprise_serverMatch11.0sp4

novellsuse_linux_enterprise_serverMatch12.0

novellsuse_linux_enterprise_serverMatch12.0sp1

novellsuse_linux_enterprise_workstation_extensionMatch12.0

novellsuse_linux_enterprise_workstation_extensionMatch12.0sp1

Node

canonicalubuntu_linuxMatch12.04lts

References

git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9c6ba456711687b794dcf285856fc14e2c76074f

lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html

lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html

lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html

lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html

lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html

lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html

lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html

seclists.org/bugtraq/2016/Mar/117

seclists.org/bugtraq/2016/Mar/85

www.debian.org/security/2016/dsa-3607

www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1

www.securityfocus.com/bid/84337

www.ubuntu.com/usn/USN-2968-1

www.ubuntu.com/usn/USN-2968-2

www.ubuntu.com/usn/USN-2969-1

www.ubuntu.com/usn/USN-2970-1

www.ubuntu.com/usn/USN-2971-1

www.ubuntu.com/usn/USN-2971-2

www.ubuntu.com/usn/USN-2971-3

www.ubuntu.com/usn/USN-2996-1

www.ubuntu.com/usn/USN-2997-1

bugzilla.redhat.com/show_bug.cgi?id=1317015

github.com/torvalds/linux/commit/9c6ba456711687b794dcf285856fc14e2c76074f

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

4.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

66.0%

JSON

Related for NVD:CVE-2016-2186

packetstorm1 prion1 cve1 ubuntucve1 cvelist1 debiancve1 fedora3 nessus36 ubuntu13 openvas30 suse10 cloudfoundry1 debian3 osv2