{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-02-28T00:00:00", "descriptions": [{"lang": "en", "value": "The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a (1) bulk-in or (2) interrupt-in endpoint."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-07T09:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "SUSE-SU-2016:1690", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"}, {"name": "USN-2930-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2930-1"}, {"name": "USN-2967-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2967-1"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cac9b50b0d75a1d50d6c056ff65c005f3224c8e0"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/torvalds/linux/commit/cac9b50b0d75a1d50d6c056ff65c005f3224c8e0"}, {"name": "USN-2930-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2930-2"}, {"name": "39539", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/39539/"}, {"name": "USN-2967-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2967-2"}, {"name": "SUSE-SU-2016:1764", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"}, {"name": "USN-2930-3", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2930-3"}, {"name": "[oss-security] 20160228 Re: CVE request -- linux kernel: visor: crash on invalid USB device descriptors in treo_attach() in visor driver", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2016/02/28/9"}, {"name": "SUSE-SU-2016:1707", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"}, {"name": "SUSE-SU-2016:1672", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"}, {"name": "SUSE-SU-2016:1019", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html"}, {"name": "USN-2929-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2929-1"}, {"name": "USN-2932-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2932-1"}, {"name": "SUSE-SU-2016:2074", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"}, {"name": "USN-2948-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2948-1"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1312670"}, {"name": "USN-2929-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2929-2"}, {"name": "USN-2948-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2948-2"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T23:32:21.033Z"}, "title": "CVE Program Container", "references": [{"name": "SUSE-SU-2016:1690", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"}, {"name": "USN-2930-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2930-1"}, {"name": "USN-2967-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2967-1"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cac9b50b0d75a1d50d6c056ff65c005f3224c8e0"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/torvalds/linux/commit/cac9b50b0d75a1d50d6c056ff65c005f3224c8e0"}, {"name": "USN-2930-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2930-2"}, {"name": "39539", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/39539/"}, {"name": "USN-2967-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2967-2"}, {"name": "SUSE-SU-2016:1764", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"}, {"name": "USN-2930-3", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2930-3"}, {"name": "[oss-security] 20160228 Re: CVE request -- linux kernel: visor: crash on invalid USB device descriptors in treo_attach() in visor driver", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2016/02/28/9"}, {"name": "SUSE-SU-2016:1707", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"}, {"name": "SUSE-SU-2016:1672", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"}, {"name": "SUSE-SU-2016:1019", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html"}, {"name": "USN-2929-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2929-1"}, {"name": "USN-2932-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2932-1"}, {"name": "SUSE-SU-2016:2074", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"}, {"name": "USN-2948-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2948-1"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1312670"}, {"name": "USN-2929-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2929-2"}, {"name": "USN-2948-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2948-2"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2016-2782", "datePublished": "2016-04-27T17:00:00", "dateReserved": "2016-02-28T00:00:00", "dateUpdated": "2024-08-05T23:32:21.033Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "8B6177A4-8E9B-448D-A6C1-1F88863DE391", "versionEndExcluding": "4.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:4.5.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "2BEB8150-FFE5-47FA-A056-9029F00744AA", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp2:*:*:*:*:*:*", "matchCriteriaId": "D5900A25-FDD7-4900-BF7C-F3ECCB714D2B", "vulnerable": true}, {"criteria": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*", "matchCriteriaId": "F892F1B0-514C-42F7-90AE-12ACDFDC1033", "vulnerable": true}, {"criteria": "cpe:2.3:a:suse:linux_enterprise_module_for_public_cloud:12:*:*:*:*:*:*:*", "matchCriteriaId": "1B8F4626-6942-4A79-BF25-C8AD33A82034", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp4:*:*:*:*:*:*", "matchCriteriaId": "99A38379-DBD3-4BF6-9A8F-95A3F553AD02", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_real_time_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "18D823E3-E1F3-4A15-A9C7-1AB61C1B6703", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*", "matchCriteriaId": "CB6476C7-03F2-4939-AB85-69AA524516D9", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*", "matchCriteriaId": "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*", "matchCriteriaId": "15FC9014-BD85-4382-9D04-C0703E901D7A", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "2076747F-A98E-4DD9-9B52-BF1732BCAD3D", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*", "matchCriteriaId": "D41A798E-0D69-43C7-9A63-1E5921138EAC", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*", "matchCriteriaId": "1831D45A-EE6E-4220-8F8C-248B69520948", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "5A633996-2FD7-467C-BAA6-529E16BD06D1", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:*:*:*:*:*:*:*", "matchCriteriaId": "9DFA18B6-2642-470A-A350-68947529EE5D", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a (1) bulk-in or (2) interrupt-in endpoint."}, {"lang": "es", "value": "La funci\u00f3n treo_attach en drivers/usb/serial/visor.c en el kernel de Linux en versiones anteriores a 4.5 permite a atacantes f\u00edsicamente pr\u00f3ximos causar una denegaci\u00f3n de servicio (referencia a puntero NULL y ca\u00edda del sistema) o posiblemente tener otro impacto no especificado mediante la inserci\u00f3n de un dispositivo USB que carece de punto final en (1) bulk-in o (2) interrupt-in."}], "id": "CVE-2016-2782", "lastModified": "2022-01-31T18:02:24.830", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-04-27T17:59:20.960", "references": [{"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch", "Vendor Advisory"], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cac9b50b0d75a1d50d6c056ff65c005f3224c8e0"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2016/02/28/9"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-2929-1"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-2929-2"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-2930-1"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-2930-2"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-2930-3"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-2932-1"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-2948-1"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-2948-2"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-2967-1"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-2967-2"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1312670"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/torvalds/linux/commit/cac9b50b0d75a1d50d6c056ff65c005f3224c8e0"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/39539/"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank Ralf Spenneberg (OpenSource Security) for reporting this issue.", "bugzilla": {"description": "kernel: visor: crash on invalid USB device descriptors in treo_attach() in visor driver", "id": "1312670", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1312670"}, "csaw": false, "cvss": {"cvss_base_score": "4.0", "cvss_scoring_vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C", "status": "draft"}, "cwe": "CWE-476", "details": ["The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a (1) bulk-in or (2) interrupt-in endpoint."], "name": "CVE-2016-2782", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:enterprise_mrg:2", "fix_state": "Will not fix", "package_name": "realtime-kernel", "product_name": "Red Hat Enterprise MRG 2"}], "public_date": "2016-01-12T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2016-2782\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-2782"], "statement": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6 as the code with the flaw is not present in the products listed.\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 and MRG-2. This has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.", "threat_severity": "Low"}