CVE - CVE-2016-2548

CVE-ID
CVE-2016-2548	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
sound/core/timer.c in the Linux kernel before 4.4.1 retains certain linked lists after a close or stop action, which allows local users to cause a denial of service (system crash) via a crafted ioctl call, related to the (1) snd_timer_close and (2) _snd_timer_stop functions.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MLIST:[oss-security] 20160119 Security bugs in Linux kernel sound subsystem URL:http://www.openwall.com/lists/oss-security/2016/01/19/1 CONFIRM:http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b5a663aa426f4884c71cd8580adae73f33570f0d CONFIRM:http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1 CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1311568 CONFIRM:https://github.com/torvalds/linux/commit/b5a663aa426f4884c71cd8580adae73f33570f0d DEBIAN:DSA-3503 URL:http://www.debian.org/security/2016/dsa-3503 SUSE:SUSE-SU-2016:2074 URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html SUSE:SUSE-SU-2016:0911 URL:http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html SUSE:SUSE-SU-2016:1102 URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html UBUNTU:USN-2967-1 URL:http://www.ubuntu.com/usn/USN-2967-1 UBUNTU:USN-2967-2 URL:http://www.ubuntu.com/usn/USN-2967-2 UBUNTU:USN-2929-1 URL:http://www.ubuntu.com/usn/USN-2929-1 UBUNTU:USN-2929-2 URL:http://www.ubuntu.com/usn/USN-2929-2 UBUNTU:USN-2930-1 URL:http://www.ubuntu.com/usn/USN-2930-1 UBUNTU:USN-2930-2 URL:http://www.ubuntu.com/usn/USN-2930-2 UBUNTU:USN-2930-3 URL:http://www.ubuntu.com/usn/USN-2930-3 UBUNTU:USN-2931-1 URL:http://www.ubuntu.com/usn/USN-2931-1 UBUNTU:USN-2932-1 URL:http://www.ubuntu.com/usn/USN-2932-1 BID:83383 URL:http://www.securityfocus.com/bid/83383 SECTRACK:1035306 URL:http://www.securitytracker.com/id/1035306
Assigning CNA
N/A
Date Entry Created
20160223	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20160223)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org