suse · CVE-2016-3951

Quick triage

Priority: medium Published: 2021-05-30 13:41:00 UTC Updated: 2024-10-23 01:31:25 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2016-3951 severity moderate: SUSE including 82 source package names (kernel-compute-3.12.58-14.1, kernel-compute-base-3.12.58-14.1, …), 450 product×package rows across 102 product lines (SUSE CaaS Platform 4.0, SUSE CaaS Platform 4.5, … (102 product lines)): Known Not Affected 321, Fixed 129.

Description:

Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (system crash) or possibly have unspecified other impact by inserting a USB device with an invalid USB descriptor.

cvelogic Threat Intelligence