CVE-2015-8816
Summary
| CVE | CVE-2015-8816 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2016-04-27 17:59:00 UTC |
| Updated | 2023-11-01 14:51:00 UTC |
| Description | The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| [security-announce] SUSE-SU-2016:2001-1: important: Security update for | SUSE | lists.opensuse.org | |
| [security-announce] SUSE-SU-2016:2009-1: important: Security update for | SUSE | lists.opensuse.org | |
| [security-announce] SUSE-SU-2016:1961-1: important: Security update for | SUSE | lists.opensuse.org | |
| kernel/git/torvalds/linux.git - Linux kernel source tree | CONFIRM | git.kernel.org | Vendor Advisory |
| Debian -- Security Information -- DSA-3503-1 linux | DEBIAN | www.debian.org | |
| [security-announce] SUSE-SU-2016:2010-1: important: Security update for | SUSE | lists.opensuse.org | |
| [security-announce] SUSE-SU-2016:2005-1: important: Security update for | SUSE | lists.opensuse.org | |
| [security-announce] SUSE-SU-2016:2002-1: important: Security update for | SUSE | lists.opensuse.org | |
| [security-announce] SUSE-SU-2016:1707-1: important: Security update for | SUSE | lists.opensuse.org | Third Party Advisory |
| Oracle Linux Bulletin - July 2016 | CONFIRM | www.oracle.com | |
| [security-announce] SUSE-SU-2016:2007-1: important: Security update for | SUSE | lists.opensuse.org | |
| [security-announce] SUSE-SU-2016:1994-1: important: Security update for | SUSE | lists.opensuse.org | |
| [security-announce] SUSE-SU-2016:1995-1: important: Security update for | SUSE | lists.opensuse.org | |
| [security-announce] SUSE-SU-2016:2014-1: important: Security update for | SUSE | lists.opensuse.org | |
| [security-announce] SUSE-SU-2016:2074-1: important: Security update for | SUSE | lists.opensuse.org | |
| Android Security Bulletin—July 2016 | Android Open Source Project | CONFIRM | source.android.com | Third Party Advisory |
| [security-announce] SUSE-SU-2016:1672-1: important: Security update for | SUSE | lists.opensuse.org | Third Party Advisory |
| Linux Kernel 'usb/core/hub.c' NULL Pointer Dereference Denial of Service Vulnerability | BID | www.securityfocus.com | |
| 1311589 – (CVE-2015-8816) CVE-2015-8816 kernel: USB hub invalid memory access in hub_activate() | CONFIRM | bugzilla.redhat.com | Issue Tracking |
| [security-announce] SUSE-SU-2016:2006-1: important: Security update for | SUSE | lists.opensuse.org | |
| oss-security - CVE Request: Linux kernel USB hub invalid memory access in hub_activate() | MLIST | www.openwall.com | |
| Oracle VM Server for x86 Bulletin - October 2016 | CONFIRM | www.oracle.com | |
| [security-announce] SUSE-SU-2016:1764-1: important: Security update for | SUSE | lists.opensuse.org | Third Party Advisory |
| [security-announce] SUSE-SU-2016:1690-1: important: Security update for | SUSE | lists.opensuse.org | Third Party Advisory |
| [security-announce] SUSE-SU-2016:1019-1: important: Security update for | SUSE | lists.opensuse.org | |
| USB: fix invalid memory access in hub_activate() · torvalds/linux@e50293e · GitHub | CONFIRM | github.com | Patch, Vendor Advisory |
| www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.5 | CONFIRM | www.kernel.org | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 671064 EulerOS Security Update for kernel (EulerOS-SA-2019-2599)