CVE-2016-4482

Published: May 23, 2016Modified: May 6, 2026

6.2

Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 2.5 / Impact: 3.6

Source: NVD

Description

The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call.

Affected (21)

Products: Canonical: Ubuntu Linux · Linux: Linux Kernel · Novell: Suse Linux Enterprise Debuginfo, Suse Linux Enterprise Desktop, Suse Linux Enterprise Live Patching, Suse Linux Enterprise Module For Public Cloud, Suse Linux Enterprise Real Time Extension, Suse Linux Enterprise Server, Suse Linux Enterprise Software Development Kit, Suse Linux Enterprise Workstation Extension · +1 more

Show all products

Canonical: Ubuntu Linux · Linux: Linux Kernel · Novell: Suse Linux Enterprise Debuginfo, Suse Linux Enterprise Desktop, Suse Linux Enterprise Live Patching, Suse Linux Enterprise Module For Public Cloud, Suse Linux Enterprise Real Time Extension, Suse Linux Enterprise Server, Suse Linux Enterprise Software Development Kit, Suse Linux Enterprise Workstation Extension · Fedoraproject: Fedora

1 product

1 product

8 products

Suse Linux Enterprise Debuginfo

Suse Linux Enterprise Desktop

Suse Linux Enterprise Live Patching

Suse Linux Enterprise Module For Public Cloud

Suse Linux Enterprise Real Time Extension

Suse Linux Enterprise Server

Suse Linux Enterprise Software Development Kit

Suse Linux Enterprise Workstation Extension

Fedoraproject

1 product

Fedora

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 12.04
Canonical Ubuntu Linux	Version 14.04
Canonical Ubuntu Linux	Version 15.10
Canonical Ubuntu Linux	Version 16.04

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Up to 4.6

Configuration C

15 vulnerable

Vulnerable Software	Affected Versions
Novell Suse Linux Enterprise Debuginfo	Version 11.0 sp4
Novell Suse Linux Enterprise Desktop	Version 12.0
Novell Suse Linux Enterprise Desktop	Version 12.0 sp1
Novell Suse Linux Enterprise Live Patching	Version 12.0
Novell Suse Linux Enterprise Module For Public Cloud	Version 12.0
Novell Suse Linux Enterprise Real Time Extension	Version 12.0 sp1
Novell Suse Linux Enterprise Server	Version 11.0 extra
Novell Suse Linux Enterprise Server	Version 11.0 sp4
Novell Suse Linux Enterprise Server	Version 12.0
Novell Suse Linux Enterprise Server	Version 12.0 sp1
Novell Suse Linux Enterprise Software Development Kit	Version 11.0 sp4
Novell Suse Linux Enterprise Software Development Kit	Version 12.0
Novell Suse Linux Enterprise Software Development Kit	Version 12.0 sp1
Novell Suse Linux Enterprise Workstation Extension	Version 12.0
Novell Suse Linux Enterprise Workstation Extension	Version 12.0 sp1

Configuration D

1 vulnerable

Vulnerable Software	Affected Versions
Fedoraproject Fedora	Version 24

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (56)

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=681fef8380eb818c0b845fca5d2ab1dcbab114ee

Source: cve@mitre.org

Vendor Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184414.html

Source: cve@mitre.org

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html

Source: cve@mitre.org

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html

Source: cve@mitre.org

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html

Source: cve@mitre.org

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html

Source: cve@mitre.org

http://www.debian.org/security/2016/dsa-3607

Source: cve@mitre.org

http://www.openwall.com/lists/oss-security/2016/05/04/2

Source: cve@mitre.org

http://www.securityfocus.com/bid/90029

Source: cve@mitre.org

http://www.ubuntu.com/usn/USN-3016-1

Source: cve@mitre.org

Third Party Advisory

http://www.ubuntu.com/usn/USN-3016-2

Source: cve@mitre.org

Third Party Advisory

http://www.ubuntu.com/usn/USN-3016-3

Source: cve@mitre.org

Third Party Advisory

http://www.ubuntu.com/usn/USN-3016-4

Source: cve@mitre.org

Third Party Advisory

http://www.ubuntu.com/usn/USN-3017-1

Source: cve@mitre.org

Third Party Advisory

http://www.ubuntu.com/usn/USN-3017-2

Source: cve@mitre.org

Third Party Advisory

http://www.ubuntu.com/usn/USN-3017-3

Source: cve@mitre.org

Third Party Advisory

http://www.ubuntu.com/usn/USN-3018-1

Source: cve@mitre.org

Third Party Advisory

http://www.ubuntu.com/usn/USN-3018-2

Source: cve@mitre.org

Third Party Advisory

http://www.ubuntu.com/usn/USN-3019-1

Source: cve@mitre.org

Third Party Advisory

http://www.ubuntu.com/usn/USN-3020-1

Source: cve@mitre.org

Third Party Advisory

http://www.ubuntu.com/usn/USN-3021-1

Source: cve@mitre.org

Third Party Advisory

http://www.ubuntu.com/usn/USN-3021-2

Source: cve@mitre.org

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=1332931

Source: cve@mitre.org

Issue Tracking

https://github.com/torvalds/linux/commit/681fef8380eb818c0b845fca5d2ab1dcbab114ee

Source: cve@mitre.org

Vendor Advisory

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=681fef8380eb818c0b845fca5d2ab1dcbab114ee