CVE-2016-3139

Published: Apr 27, 2016Modified: May 6, 2026

4.6

Vector

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 0.9 / Impact: 3.6

Source: NVD

Description

The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel before 3.17 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

Affected (13)

Products: Novell: Suse Linux Enterprise Debuginfo, Suse Linux Enterprise Desktop, Suse Linux Enterprise Live Patching, Suse Linux Enterprise Module For Public Cloud, Suse Linux Enterprise Real Time Extension, Suse Linux Enterprise Server, Suse Linux Enterprise Software Development Kit, Suse Linux Enterprise Workstation Extension · Linux: Linux Kernel

8 products

Suse Linux Enterprise Debuginfo

Suse Linux Enterprise Desktop

Suse Linux Enterprise Live Patching

Suse Linux Enterprise Module For Public Cloud

Suse Linux Enterprise Real Time Extension

Suse Linux Enterprise Server

Suse Linux Enterprise Software Development Kit

Suse Linux Enterprise Workstation Extension

1 product

Configuration A

12 vulnerable

Vulnerable Software	Affected Versions
Novell Suse Linux Enterprise Debuginfo	Version 11.0 sp4
Novell Suse Linux Enterprise Desktop	Version 12.0
Novell Suse Linux Enterprise Live Patching	Version 12.0
Novell Suse Linux Enterprise Module For Public Cloud	Version 12.0
Novell Suse Linux Enterprise Real Time Extension	Version 11.0 sp4
Novell Suse Linux Enterprise Real Time Extension	Version 12.0 sp1
Novell Suse Linux Enterprise Server	Version 11.0 extra
Novell Suse Linux Enterprise Server	Version 11.0 sp4
Novell Suse Linux Enterprise Server	Version 12.0
Novell Suse Linux Enterprise Software Development Kit	Version 11.0 sp4
Novell Suse Linux Enterprise Software Development Kit	Version 12.0
Novell Suse Linux Enterprise Workstation Extension	Version 12.0

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Up to 3.16.7

References (26)

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=471d17148c8b4174ac5f5283a73316d12c4379bc

Source: security@opentext.com

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html

Source: security@opentext.com

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html

Source: security@opentext.com

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html

Source: security@opentext.com

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html

Source: security@opentext.com

http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html

Source: security@opentext.com

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html

Source: security@opentext.com

https://bugzilla.redhat.com/show_bug.cgi?id=1283375

Source: security@opentext.com

https://bugzilla.redhat.com/show_bug.cgi?id=1283377

Source: security@opentext.com

https://bugzilla.redhat.com/show_bug.cgi?id=1316993

Source: security@opentext.com

https://github.com/torvalds/linux/commit/471d17148c8b4174ac5f5283a73316d12c4379bc

Source: security@opentext.com

https://security-tracker.debian.org/tracker/CVE-2016-3139

Source: security@opentext.com

https://www.exploit-db.com/exploits/39538/

Source: security@opentext.com

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=471d17148c8b4174ac5f5283a73316d12c4379bc

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/show_bug.cgi?id=1283375

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/show_bug.cgi?id=1283377

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/show_bug.cgi?id=1316993

Source: af854a3a-2127-422b-91ae-364da2661108

https://github.com/torvalds/linux/commit/471d17148c8b4174ac5f5283a73316d12c4379bc

Source: af854a3a-2127-422b-91ae-364da2661108

https://security-tracker.debian.org/tracker/CVE-2016-3139

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.exploit-db.com/exploits/39538/

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.