CVE-2016-3689

Published: May 2, 2016

Modified: Aug 6, 2024

PUBLISHED

Description

The ims_pcu_parse_cdc_data function in drivers/input/misc/ims-pcu.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (system crash) via a USB device without both a master and a slave interface.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

USN-2971-2

vendor-advisory

x_refsource_UBUNTU

SUSE-SU-2016:1690

vendor-advisory

x_refsource_SUSE

https://bugzilla.novell.com/show_bug.cgi?id=971628

x_refsource_CONFIRM

SUSE-SU-2016:1696

vendor-advisory

x_refsource_SUSE

USN-2970-1

vendor-advisory

x_refsource_UBUNTU

1035441

vdb-entry

x_refsource_SECTRACK

https://github.com/torvalds/linux/commit/a0ad220c96692eda76b2e3fd7279f3dcd1d8a8ff

x_refsource_CONFIRM

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a0ad220c96692eda76b2e3fd7279f3dcd1d8a8ff

x_refsource_CONFIRM

USN-2968-1

vendor-advisory

x_refsource_UBUNTU

https://bugzilla.redhat.com/show_bug.cgi?id=1320060

x_refsource_CONFIRM

USN-2971-3

vendor-advisory

x_refsource_UBUNTU

SUSE-SU-2016:1764

vendor-advisory

x_refsource_SUSE

USN-3000-1

vendor-advisory

x_refsource_UBUNTU

USN-2971-1

vendor-advisory

x_refsource_UBUNTU

USN-2968-2

vendor-advisory

x_refsource_UBUNTU

openSUSE-SU-2016:1382

vendor-advisory

x_refsource_SUSE

http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1

x_refsource_CONFIRM

[oss-security] 20160330 Re: CVE request -- linux kernel: crash on invalid USB device descriptors (ims-pcu driver)

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2016-3689

Description

Affected Products

References