CVE-2016-4578
Published on: 05/23/2016 12:00:00 AM UTC
Last Modified on: 03/23/2021 11:26:58 PM UTC
Certain versions of Ubuntu Linux from Canonical contain the following vulnerability:
sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions.
- CVE-2016-4578 has been assigned by [email protected] to track the vulnerability - currently rated as MEDIUM severity.
CVSS3 Score: 5.5 - MEDIUM
Attack Vector | Attack Complexity | Privileges Required | User Interaction |
---|---|---|---|
LOCAL | LOW | LOW | NONE |

Scope | Confidentiality Impact | Integrity Impact | Availability Impact |
---|---|---|---|
UNCHANGED | HIGH | NONE | NONE |
CVSS2 Score: 2.1 - LOW
Access Vector | Access Complexity | Authentication |
---|---|---|
LOCAL | LOW | NONE |

Confidentiality Impact | Integrity Impact | Availability Impact |
---|---|---|
PARTIAL | NONE | NONE |
CVE References
Description | Tags | Link |
---|---|---|
USN-3018-2: Linux kernel (Trusty HWE) vulnerabilities | Ubuntu | Third Party Advisory www.ubuntu.com text/html |
USN-3016-3: Linux kernel (Qualcomm Snapdragon) vulnerabilities | Ubuntu | Third Party Advisory www.ubuntu.com text/html |
USN-3016-1: Linux kernel vulnerabilities | Ubuntu | Third Party Advisory www.ubuntu.com text/html |
[security-announce] SUSE-SU-2016:1937-1: important: Security update for | Third Party Advisory lists.opensuse.org text/html |
[security-announce] openSUSE-SU-2016:1641-1: important: Security update | Mailing List Third Party Advisory lists.opensuse.org text/html |
USN-3017-3: Linux kernel (Wily HWE) vulnerabilities | Ubuntu | Third Party Advisory www.ubuntu.com text/html |
kernel/git/torvalds/linux.git - Linux kernel source tree | Vendor Advisory git.kernel.org text/html |
[security-announce] SUSE-SU-2016:1985-1: important: Security update for | Mailing List Third Party Advisory lists.opensuse.org text/html |
USN-3021-2: Linux kernel (OMAP4) vulnerabilities | Ubuntu | Third Party Advisory www.ubuntu.com text/html |
ALSA: timer: Fix leak in events via snd_timer_user_ccallback · torvalds/[email protected] · GitHub | Vendor Advisory github.com text/html |
USN-3017-1: Linux kernel vulnerabilities | Ubuntu | Third Party Advisory www.ubuntu.com text/html |
Red Hat Customer Portal | Third Party Advisory web.archive.org text/html Inactive Link Not Archived |
USN-3017-2: Linux kernel (Raspberry Pi 2) vulnerabilities | Ubuntu | Third Party Advisory www.ubuntu.com text/html |
USN-3016-4: Linux kernel (Xenial HWE) vulnerabilities | Ubuntu | Third Party Advisory www.ubuntu.com text/html |
USN-3021-1: Linux kernel vulnerabilities | Ubuntu | Third Party Advisory www.ubuntu.com text/html |
[security-announce] SUSE-SU-2016:1672-1: important: Security update for | Third Party Advisory lists.opensuse.org text/html |
oss-security - Re: CVE Request: alsa: kernel information leak vulnerability in Linux sound/core/timer | Mailing List www.openwall.com text/html |
USN-3019-1: Linux kernel (Utopic HWE) vulnerabilities | Ubuntu | Third Party Advisory www.ubuntu.com text/html |
Debian -- Security Information -- DSA-3607-1 linux | Third Party Advisory www.debian.org Deprecated Link text/html |
1335215 – (CVE-2016-4578) CVE-2016-4578 kernel: Information leak in events in timer.c | Issue Tracking Third Party Advisory VDB Entry bugzilla.redhat.com text/html |
Linux Kernel 4.4 (Ubuntu 16.04) - 'snd_timer_user_ccallback()' Kernel Pointer Leak | Exploit Third Party Advisory VDB Entry www.exploit-db.com Proof of Concept text/html |
USN-3020-1: Linux kernel (Vivid HWE) vulnerabilities | Ubuntu | Third Party Advisory www.ubuntu.com text/html |
USN-3016-2: Linux kernel (Raspberry Pi 2) vulnerabilities | Ubuntu | Third Party Advisory www.ubuntu.com text/html |
[security-announce] SUSE-SU-2016:1690-1: important: Security update for | Third Party Advisory lists.opensuse.org text/html |
[security-announce] SUSE-SU-2016:2105-1: important: Security update for | Mailing List Third Party Advisory lists.opensuse.org text/html |
ALSA: timer: Fix leak in events via snd_timer_user_tinterrupt · torvalds/[email protected] · GitHub | Vendor Advisory github.com text/html |
[security-announce] openSUSE-SU-2016:2184-1: important: Security update | Mailing List Third Party Advisory lists.opensuse.org text/html |
kernel/git/torvalds/linux.git - Linux kernel source tree | Vendor Advisory git.kernel.org text/html |
Red Hat Customer Portal | Third Party Advisory web.archive.org text/html Inactive Link Not Archived |
USN-3018-1: Linux kernel vulnerabilities | Ubuntu | Third Party Advisory www.ubuntu.com text/html |
Linux Kernel CVE-2016-4578 Multiple Local Information Disclosure Vulnerabilities | Third Party Advisory VDB Entry cve.report (archive) text/html |
There are currently no QIDs associated with this CVE
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Operating System | Canonical | Ubuntu Linux | 12.04 | All | All | All |
Operating System | Canonical | Ubuntu Linux | 14.04 | All | All | All |
Operating System | Canonical | Ubuntu Linux | 15.10 | All | All | All |
Operating System | Canonical | Ubuntu Linux | 16.04 | All | All | All |
Operating System | Debian | Debian Linux | 8.0 | All | All | All |
Operating System | Linux | Linux Kernel | All | All | All | All |
Operating System | Opensuse | Leap | 42.1 | All | All | All |
Operating System | Opensuse | Opensuse | 13.1 | All | All | All |
Operating System | Redhat | Enterprise Linux Desktop | 7.0 | All | All | All |
Operating System | Redhat | Enterprise Linux Server | 7.0 | All | All | All |
Operating System | Redhat | Enterprise Linux Server Aus | 7.3 | All | All | All |
Operating System | Redhat | Enterprise Linux Server Aus | 7.4 | All | All | All |
Operating System | Redhat | Enterprise Linux Server Aus | 7.6 | All | All | All |
Operating System | Redhat | Enterprise Linux Server Eus | 7.3 | All | All | All |
Operating System | Redhat | Enterprise Linux Server Eus | 7.4 | All | All | All |
Operating System | Redhat | Enterprise Linux Server Eus | 7.5 | All | All | All |
Operating System | Redhat | Enterprise Linux Server Eus | 7.6 | All | All | All |
Operating System | Redhat | Enterprise Linux Server Tus | 7.3 | All | All | All |
Operating System | Redhat | Enterprise Linux Server Tus | 7.6 | All | All | All |
Operating System | Redhat | Enterprise Linux Workstation | 7.0 | All | All | All |
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*:
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*:
- cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*:
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*:
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*:
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*:
- cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*:
- cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE