← voltar
CVE-2016-2384

CVE-2016-2384

EPSS 3.7%
Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor.
Produtos afetados
n/a · n/a
PoCs públicas encontradas1
exploitdbwww.exploit-db.com/exploits/41999não verificado
⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=07d86ca93db7e5cdf4743564d98292042ec21af7http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-04/msg00025.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-04/msg00026.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-04/msg00027.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-04/msg00028.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-04/msg00029.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-04/msg00030.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-04/msg00031.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-04/msg00032.html