Launchpad.net

CVE 2016-2548

sound/core/timer.c in the Linux kernel before 4.4.1 retains certain linked lists after a close or stop action, which allows local users to cause a denial of service (system crash) via a crafted ioctl call, related to the (1) snd_timer_close and (2) _snd_timer_stop functions.

Related bugs and status

CVE-2016-2548 (Candidate) is related to these bugs:

Bug #1549195: CVE-2016-2548

		In	Importance	Status
1549195	CVE-2016-2548	linux (Ubuntu)	Medium	Invalid
1549195	CVE-2016-2548	linux-ti-omap4 (Ubuntu)	Medium	Invalid
1549195	CVE-2016-2548	linux-raspi2 (Ubuntu)	Medium	Fix Committed
1549195	CVE-2016-2548	linux (Ubuntu Xenial)	Medium	Invalid
1549195	CVE-2016-2548	linux-raspi2 (Ubuntu Xenial)	Medium	Fix Committed
1549195	CVE-2016-2548	linux-ti-omap4 (Ubuntu Xenial)	Medium	Invalid
1549195	CVE-2016-2548	linux (Ubuntu Wily)	Medium	Fix Released
1549195	CVE-2016-2548	linux-raspi2 (Ubuntu Wily)	Medium	Fix Released
1549195	CVE-2016-2548	linux-ti-omap4 (Ubuntu Wily)	Medium	Invalid
1549195	CVE-2016-2548	linux (Ubuntu Vivid)	Undecided	Won't Fix
1549195	CVE-2016-2548	linux-raspi2 (Ubuntu Vivid)	Undecided	Won't Fix
1549195	CVE-2016-2548	linux-ti-omap4 (Ubuntu Vivid)	Undecided	Won't Fix
1549195	CVE-2016-2548	linux (Ubuntu Trusty)	Medium	Fix Released
1549195	CVE-2016-2548	linux-raspi2 (Ubuntu Trusty)	Medium	Invalid
1549195	CVE-2016-2548	linux-ti-omap4 (Ubuntu Trusty)	Medium	Invalid
1549195	CVE-2016-2548	linux (Ubuntu Precise)	Medium	Fix Released
1549195	CVE-2016-2548	linux-raspi2 (Ubuntu Precise)	Medium	Invalid
1549195	CVE-2016-2548	linux-ti-omap4 (Ubuntu Precise)	Medium	Fix Released
1549195	CVE-2016-2548	linux-lts-trusty (Ubuntu)	Medium	Invalid
1549195	CVE-2016-2548	linux-lts-trusty (Ubuntu Precise)	Medium	Fix Released
1549195	CVE-2016-2548	linux-lts-trusty (Ubuntu Trusty)	Medium	Invalid
1549195	CVE-2016-2548	linux-lts-trusty (Ubuntu Vivid)	Undecided	Won't Fix
1549195	CVE-2016-2548	linux-lts-trusty (Ubuntu Wily)	Medium	Invalid
1549195	CVE-2016-2548	linux-lts-trusty (Ubuntu Xenial)	Medium	Invalid
1549195	CVE-2016-2548	linux-armadaxp (Ubuntu)	Medium	Invalid
1549195	CVE-2016-2548	linux-armadaxp (Ubuntu Precise)	Medium	Fix Released
1549195	CVE-2016-2548	linux-armadaxp (Ubuntu Trusty)	Medium	Invalid
1549195	CVE-2016-2548	linux-armadaxp (Ubuntu Vivid)	Undecided	Won't Fix
1549195	CVE-2016-2548	linux-armadaxp (Ubuntu Wily)	Medium	Invalid
1549195	CVE-2016-2548	linux-armadaxp (Ubuntu Xenial)	Medium	Invalid
1549195	CVE-2016-2548	linux-lts-xenial (Ubuntu)	Medium	Invalid
1549195	CVE-2016-2548	linux-lts-xenial (Ubuntu Precise)	Medium	Invalid
1549195	CVE-2016-2548	linux-lts-xenial (Ubuntu Trusty)	Medium	Fix Committed
1549195	CVE-2016-2548	linux-lts-xenial (Ubuntu Vivid)	Undecided	New
1549195	CVE-2016-2548	linux-lts-xenial (Ubuntu Wily)	Medium	Invalid
1549195	CVE-2016-2548	linux-lts-xenial (Ubuntu Xenial)	Medium	Invalid
1549195	CVE-2016-2548	linux-lts-wily (Ubuntu)	Medium	Invalid
1549195	CVE-2016-2548	linux-lts-wily (Ubuntu Precise)	Medium	Invalid
1549195	CVE-2016-2548	linux-lts-wily (Ubuntu Trusty)	Medium	Fix Released
1549195	CVE-2016-2548	linux-lts-wily (Ubuntu Vivid)	Undecided	New
1549195	CVE-2016-2548	linux-lts-wily (Ubuntu Wily)	Medium	Invalid
1549195	CVE-2016-2548	linux-lts-wily (Ubuntu Xenial)	Medium	Invalid
1549195	CVE-2016-2548	linux-goldfish (Ubuntu)	Medium	New
1549195	CVE-2016-2548	linux-goldfish (Ubuntu Precise)	Medium	Invalid
1549195	CVE-2016-2548	linux-goldfish (Ubuntu Trusty)	Medium	Invalid
1549195	CVE-2016-2548	linux-goldfish (Ubuntu Vivid)	Undecided	Won't Fix
1549195	CVE-2016-2548	linux-goldfish (Ubuntu Wily)	Medium	New
1549195	CVE-2016-2548	linux-goldfish (Ubuntu Xenial)	Medium	New
1549195	CVE-2016-2548	linux-lts-saucy (Ubuntu)	Medium	Invalid
1549195	CVE-2016-2548	linux-lts-saucy (Ubuntu Precise)	Medium	Invalid
1549195	CVE-2016-2548	linux-lts-saucy (Ubuntu Trusty)	Medium	Invalid
1549195	CVE-2016-2548	linux-lts-saucy (Ubuntu Vivid)	Undecided	New
1549195	CVE-2016-2548	linux-lts-saucy (Ubuntu Wily)	Medium	Invalid
1549195	CVE-2016-2548	linux-lts-saucy (Ubuntu Xenial)	Medium	Invalid
1549195	CVE-2016-2548	linux-lts-quantal (Ubuntu)	Medium	Invalid
1549195	CVE-2016-2548	linux-lts-quantal (Ubuntu Precise)	Medium	Invalid
1549195	CVE-2016-2548	linux-lts-quantal (Ubuntu Trusty)	Medium	Invalid
1549195	CVE-2016-2548	linux-lts-quantal (Ubuntu Vivid)	Undecided	Won't Fix
1549195	CVE-2016-2548	linux-lts-quantal (Ubuntu Wily)	Medium	Invalid
1549195	CVE-2016-2548	linux-lts-quantal (Ubuntu Xenial)	Medium	Invalid
1549195	CVE-2016-2548	linux-lts-vivid (Ubuntu)	Medium	Invalid
1549195	CVE-2016-2548	linux-lts-vivid (Ubuntu Precise)	Medium	Invalid
1549195	CVE-2016-2548	linux-lts-vivid (Ubuntu Trusty)	Medium	Fix Released
1549195	CVE-2016-2548	linux-lts-vivid (Ubuntu Vivid)	Undecided	Won't Fix
1549195	CVE-2016-2548	linux-lts-vivid (Ubuntu Wily)	Medium	Invalid
1549195	CVE-2016-2548	linux-lts-vivid (Ubuntu Xenial)	Medium	Invalid
1549195	CVE-2016-2548	linux-mako (Ubuntu)	Medium	New
1549195	CVE-2016-2548	linux-mako (Ubuntu Precise)	Medium	Invalid
1549195	CVE-2016-2548	linux-mako (Ubuntu Trusty)	Medium	Invalid
1549195	CVE-2016-2548	linux-mako (Ubuntu Vivid)	Undecided	Won't Fix
1549195	CVE-2016-2548	linux-mako (Ubuntu Wily)	Medium	New
1549195	CVE-2016-2548	linux-mako (Ubuntu Xenial)	Medium	New
1549195	CVE-2016-2548	linux-lts-utopic (Ubuntu)	Medium	Invalid
1549195	CVE-2016-2548	linux-lts-utopic (Ubuntu Precise)	Medium	Invalid
1549195	CVE-2016-2548	linux-lts-utopic (Ubuntu Trusty)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

MLIST: [oss-security] 2016011...
CONFIRM: http://git.kernel.org/...
CONFIRM: http://www.kernel.org/...
CONFIRM: https://bugzilla.redha...
CONFIRM: https://github.com/tor...
SUSE: SUSE-SU-2016:2074
BID: 83383
DEBIAN: DSA-3503
UBUNTU: USN-2967-1
UBUNTU: USN-2967-2
SUSE: SUSE-SU-2016:0911
SUSE: SUSE-SU-2016:1102
UBUNTU: USN-2929-1
UBUNTU: USN-2929-2
UBUNTU: USN-2930-1
UBUNTU: USN-2930-2
UBUNTU: USN-2930-3
UBUNTU: USN-2931-1
UBUNTU: USN-2932-1
SECTRACK: 1035306