CVE-2016-2545

Published on: 04/27/2016 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:27:15 PM UTC

CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Certain versions of the Linux kernel contain the following vulnerability:

The snd_timer_interrupt function in sound/core/timer.c in the Linux kernel before 4.4.1 does not properly maintain a certain linked list, which allows local users to cause a denial of service (race condition and system crash) via a crafted ioctl call.

  • CVE-2016-2545 has been assigned by [email protected] to track the vulnerability - currently rated as MEDIUM severity.

CVSS3 Score: 5.1 - MEDIUM

| Attack Vector | Attack Complexity | Privileges Required | User Interaction |
|---|---|---|---|
| LOCAL | HIGH | NONE | NONE |

| Scope | Confidentiality Impact | Integrity Impact | Availability Impact |
|---|---|---|---|
| UNCHANGED | NONE | NONE | HIGH |

CVSS2 Score: 4.7 - MEDIUM

| Access Vector | Access Complexity | Authentication |
|---|---|---|
| LOCAL | MEDIUM | NONE |

| Confidentiality Impact | Integrity Impact | Availability Impact |
|---|---|---|
| NONE | NONE | COMPLETE |

CVE References

| Description | Tags | Link |
|---|---|---|
| USN-2929-2: Linux kernel (Trusty HWE) vulnerabilities \| Ubuntu (www.ubuntu.com) | | UBUNTU USN-2929-2 |
| USN-2931-1: Linux kernel (Utopic HWE) vulnerabilities \| Ubuntu (www.ubuntu.com) | | UBUNTU USN-2931-1 |
| USN-2967-2: Linux kernel (OMAP4) vulnerabilities \| Ubuntu (www.ubuntu.com) | | UBUNTU USN-2967-2 |
| Debian -- Security Information -- DSA-3503-1 linux (www.debian.org) | Depreciated Link | DEBIAN DSA-3503 |
| Linux Kernel 'sound/core/timer.c' Local Denial of Service Vulnerability (cve.report (archive)) | | BID 83381 |
| www.kernel.org | | CONFIRM www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1 |
| USN-2930-3: Linux kernel (Raspberry Pi 2) vulnerabilities \| Ubuntu (www.ubuntu.com) | | UBUNTU USN-2930-3 |
| Linux Kernel Sound Driver Use-After-Free Memory Error in snd_timer_interrupt() Lets Local Users Cause Denial of Service Conditions on the Target System - SecurityTracker (www.securitytracker.com) | | SECTRACK 1035296 |
| ALSA: timer: Fix double unlink of active_list · torvalds/[email protected] · GitHub (github.com) | Patch, Vendor Advisory | CONFIRM github.com/torvalds/linux/commit/ee8413b01045c74340aa13ad5bdf905de32be736 |
| USN-2930-1: Linux kernel vulnerabilities \| Ubuntu (www.ubuntu.com) | | UBUNTU USN-2930-1 |
| USN-2930-2: Linux kernel (Wily HWE) vulnerabilities \| Ubuntu (www.ubuntu.com) | | UBUNTU USN-2930-2 |
| [security-announce] SUSE-SU-2016:1102-1: important: Security update for (lists.opensuse.org) | | SUSE SUSE-SU-2016:1102 |
| [security-announce] SUSE-SU-2016:2074-1: important: Security update for (lists.opensuse.org) | | SUSE SUSE-SU-2016:2074 |
| 1311560 – (CVE-2016-2545) CVE-2016-2545 kernel: sound: use-after-free in snd_timer_interrupt (bugzilla.redhat.com) | | CONFIRM bugzilla.redhat.com/show_bug.cgi?id=1311560 |
| oss-security - Security bugs in Linux kernel sound subsystem (www.openwall.com) | Patch | MLIST [oss-security] 20160119 Security bugs in Linux kernel sound subsystem |
| kernel/git/torvalds/linux.git - Linux kernel source tree (git.kernel.org) | Patch, Vendor Advisory | CONFIRM git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ee8413b01045c74340aa13ad5bdf905de32be736 |
| USN-2932-1: Linux kernel (Vivid HWE) vulnerabilities \| Ubuntu (www.ubuntu.com) | | UBUNTU USN-2932-1 |
| USN-2967-1: Linux kernel vulnerabilities \| Ubuntu (www.ubuntu.com) | | UBUNTU USN-2967-1 |
| USN-2929-1: Linux kernel vulnerabilities \| Ubuntu (www.ubuntu.com) | | UBUNTU USN-2929-1 |
| [security-announce] SUSE-SU-2016:0911-1: important: Security update for (lists.opensuse.org) | | SUSE SUSE-SU-2016:0911 |

Known Affected Configurations (CPE V2.3)

| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Linux | Linux Kernel | All | All | All | All |

  • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*: