CVE-2015-8816

Published: Apr 27, 2016Modified: May 6, 2026

6.8

Vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 0.9 / Impact: 5.9

Source: NVD

Description

The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device.

Affected (23)

Products: Novell: Suse Linux Enterprise Debuginfo, Suse Linux Enterprise Desktop, Suse Linux Enterprise Live Patching, Suse Linux Enterprise Module For Public Cloud, Suse Linux Enterprise Real Time Extension, Suse Linux Enterprise Server, Suse Linux Enterprise Software Development Kit, Suse Linux Enterprise Workstation Extension · Linux: Linux Kernel · Suse: Linux Enterprise Live Patching, Linux Enterprise Server

Novell

8 products

Suse Linux Enterprise Debuginfo

Suse Linux Enterprise Desktop

Suse Linux Enterprise Live Patching

Suse Linux Enterprise Module For Public Cloud

Suse Linux Enterprise Real Time Extension

Suse Linux Enterprise Server

Suse Linux Enterprise Software Development Kit

Suse Linux Enterprise Workstation Extension

Linux

1 product

Linux Kernel

Suse

2 products

Linux Enterprise Live Patching

Linux Enterprise Server

Configuration A

12 vulnerable

Vulnerable Software	Affected Versions
Novell Suse Linux Enterprise Debuginfo	Version 11 sp4
Novell Suse Linux Enterprise Desktop	Version 12.0
Novell Suse Linux Enterprise Live Patching	Version 12.0
Novell Suse Linux Enterprise Module For Public Cloud	Version 12
Novell Suse Linux Enterprise Real Time Extension	Version 11 sp4
Novell Suse Linux Enterprise Real Time Extension	Version 12 sp1
Novell Suse Linux Enterprise Server	Version 11 extra
Novell Suse Linux Enterprise Server	Version 11 sp4
Novell Suse Linux Enterprise Server	Version 12.0
Novell Suse Linux Enterprise Software Development Kit	Version 11.0 sp4
Novell Suse Linux Enterprise Software Development Kit	Version 12.0
Novell Suse Linux Enterprise Workstation Extension	Version 12.0

Configuration B

9 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 2.6.28 to 3.2.76
Linux Linux Kernel	From 3.11 to 3.12.58
Linux Linux Kernel	From 3.13 to 3.14.76
Linux Linux Kernel	From 3.15 to 3.16.35
Linux Linux Kernel	From 3.17 to 3.18.27
Linux Linux Kernel	From 3.19 to 4.1.17
Linux Linux Kernel	From 3.3 to 3.4.113
Linux Linux Kernel	From 3.5 to 3.10.103
Linux Linux Kernel	From 4.2 to 4.3.5

Configuration C

2 vulnerable

Vulnerable Software	Affected Versions
Suse Linux Enterprise Live Patching	Version 12
Suse Linux Enterprise Server	Version 12

References (54)

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e50293ef9775c5f1cf3fcc093037dd6a8c5684ea

Source: cve@mitre.org

Vendor Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html

Source: cve@mitre.org

Third Party Advisory

http://source.android.com/security/bulletin/2016-07-01.html

Source: cve@mitre.org

Third Party Advisory

http://www.debian.org/security/2016/dsa-3503

Source: cve@mitre.org

Third Party Advisory

http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.5

Source: cve@mitre.org

Vendor Advisory

http://www.openwall.com/lists/oss-security/2016/02/23/5

Source: cve@mitre.org

Mailing List

http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

Source: cve@mitre.org

Third Party Advisory

http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html

Source: cve@mitre.org

Third Party Advisory

http://www.securityfocus.com/bid/83363

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=1311589

Source: cve@mitre.org

Issue Tracking

https://github.com/torvalds/linux/commit/e50293ef9775c5f1cf3fcc093037dd6a8c5684ea

Source: cve@mitre.org

PatchVendor Advisory

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e50293ef9775c5f1cf3fcc093037dd6a8c5684ea