CVE-2016-4578

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://github.com/torvalds/linux/commit/9a47e9cff994f37f7f0dbd9ae23740d0f64f9fe6", "name": "https://github.com/torvalds/linux/commit/9a47e9cff994f37f7f0dbd9ae23740d0f64f9fe6", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "https://github.com/torvalds/linux/commit/e4ec8cc8039a7063e24204299b462bd1383184a5", "name": "https://github.com/torvalds/linux/commit/e4ec8cc8039a7063e24204299b462bd1383184a5", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1335215", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1335215", "tags": ["Issue Tracking", "Third Party Advisory", "VDB Entry"], "refsource": "CONFIRM"}, {"url": "http://www.openwall.com/lists/oss-security/2016/05/11/5", "name": "[oss-security] 20160511 Re: CVE Request: alsa: kernel information leak vulnerability in Linux sound/core/timer", "tags": ["Mailing List"], "refsource": "MLIST"}, {"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e4ec8cc8039a7063e24204299b462bd1383184a5", "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e4ec8cc8039a7063e24204299b462bd1383184a5", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a47e9cff994f37f7f0dbd9ae23740d0f64f9fe6", "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a47e9cff994f37f7f0dbd9ae23740d0f64f9fe6", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.ubuntu.com/usn/USN-3017-2", "name": "USN-3017-2", "tags": ["Third Party Advisory"], "refsource": "UBUNTU"}, {"url": "http://www.ubuntu.com/usn/USN-3018-2", "name": "USN-3018-2", "tags": ["Third Party Advisory"], "refsource": "UBUNTU"}, {"url": "http://www.ubuntu.com/usn/USN-3016-4", "name": "USN-3016-4", "tags": ["Third Party Advisory"], "refsource": "UBUNTU"}, {"url": "http://www.ubuntu.com/usn/USN-3016-1", "name": "USN-3016-1", "tags": ["Third Party Advisory"], "refsource": "UBUNTU"}, {"url": "http://www.ubuntu.com/usn/USN-3016-2", "name": "USN-3016-2", "tags": ["Third Party Advisory"], "refsource": "UBUNTU"}, {"url": "http://www.ubuntu.com/usn/USN-3016-3", "name": "USN-3016-3", "tags": ["Third Party Advisory"], "refsource": "UBUNTU"}, {"url": "http://www.ubuntu.com/usn/USN-3018-1", "name": "USN-3018-1", "tags": ["Third Party Advisory"], "refsource": "UBUNTU"}, {"url": "http://www.ubuntu.com/usn/USN-3019-1", "name": "USN-3019-1", "tags": ["Third Party Advisory"], "refsource": "UBUNTU"}, {"url": "http://www.ubuntu.com/usn/USN-3017-3", "name": "USN-3017-3", "tags": ["Third Party Advisory"], "refsource": "UBUNTU"}, {"url": "http://www.ubuntu.com/usn/USN-3020-1", "name": "USN-3020-1", "tags": ["Third Party Advisory"], "refsource": "UBUNTU"}, {"url": "http://www.ubuntu.com/usn/USN-3017-1", "name": "USN-3017-1", "tags": ["Third Party Advisory"], "refsource": "UBUNTU"}, {"url": "http://www.ubuntu.com/usn/USN-3021-1", "name": "USN-3021-1", "tags": ["Third Party Advisory"], "refsource": "UBUNTU"}, {"url": "http://www.ubuntu.com/usn/USN-3021-2", "name": "USN-3021-2", "tags": ["Third Party Advisory"], "refsource": "UBUNTU"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html", "name": "SUSE-SU-2016:1672", "tags": ["Third Party Advisory"], "refsource": "SUSE"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html", "name": "SUSE-SU-2016:1690", "tags": ["Third Party Advisory"], "refsource": "SUSE"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html", "name": "SUSE-SU-2016:1937", "tags": ["Third Party Advisory"], "refsource": "SUSE"}, {"url": "http://www.debian.org/security/2016/dsa-3607", "name": "DSA-3607", "tags": ["Third Party Advisory"], "refsource": "DEBIAN"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html", "name": "SUSE-SU-2016:1985", "tags": ["Mailing List", "Third Party Advisory"], "refsource": "SUSE"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html", "name": "openSUSE-SU-2016:1641", "tags": ["Mailing List", "Third Party Advisory"], "refsource": "SUSE"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html", "name": "openSUSE-SU-2016:2184", "tags": ["Mailing List", "Third Party Advisory"], "refsource": "SUSE"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html", "name": "SUSE-SU-2016:2105", "tags": ["Mailing List", "Third Party Advisory"], "refsource": "SUSE"}, {"url": "http://www.securityfocus.com/bid/90535", "name": "90535", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "BID"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-2584.html", "name": "RHSA-2016:2584", "tags": ["Third Party Advisory"], "refsource": "REDHAT"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html", "name": "RHSA-2016:2574", "tags": ["Third Party Advisory"], "refsource": "REDHAT"}, {"url": "https://www.exploit-db.com/exploits/46529/", "name": "46529", "tags": ["Exploit", "VDB Entry", "Third Party Advisory"], "refsource": "EXPLOIT-DB"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-200"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2016-4578", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "severity": "LOW", "acInsufInfo": false, "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}}, "publishedDate": "2016-05-23T10:59Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "4.6"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2019-03-25T18:58Z"}