CVE-2016-3951
CVE-2016-3951
Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (system crash) or possibly have unspecified other impact by inserting a USB device with an invalid USB descriptor.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1666984c8625b3db19a9abc298931d35ab7bc64bhttp://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4d06dd537f95683aba3651098ae288b7cbff8274http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=1324782https://github.com/torvalds/linux/commit/1666984c8625b3db19a9abc298931d35ab7bc64bhttps://github.com/torvalds/linux/commit/4d06dd537f95683aba3651098ae288b7cbff8274https://www.spinics.net/lists/netdev/msg367669.htmlhttp://www.debian.org/security/2016/dsa-3607http://www.openwall.com/lists/oss-security/2016/04/06/4