Closed mend-bolt-for-github[bot] closed 1 year ago
The Linux Kernel
Library home page: https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/?wsslib=linux
Found in HEAD commit: 32145daf0c96b012284199f23418243e0168269f
Found in base branch: main
/drivers/input/misc/ims-pcu.c /drivers/input/misc/ims-pcu.c
The ims_pcu_parse_cdc_data function in drivers/input/misc/ims-pcu.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (system crash) via a USB device without both a master and a slave interface.
Publish Date: 2016-05-02
URL: CVE-2016-3689
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Physical - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2016-3689
Release Date: 2016-05-02
Fix Resolution: 4.5.1
Step up your Open Source Security Game with Mend here
:information_source: This issue was automatically closed by Mend because it is a duplicate of an existing issue: #840
CVE-2016-3689 - Medium Severity Vulnerability
Vulnerable Library - linuxlinux-4.1.52
The Linux Kernel
Library home page: https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/?wsslib=linux
Found in HEAD commit: 32145daf0c96b012284199f23418243e0168269f
Found in base branch: main
Vulnerable Source Files (2)
/drivers/input/misc/ims-pcu.c /drivers/input/misc/ims-pcu.c
Vulnerability Details
The ims_pcu_parse_cdc_data function in drivers/input/misc/ims-pcu.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (system crash) via a USB device without both a master and a slave interface.
Publish Date: 2016-05-02
URL: CVE-2016-3689
CVSS 3 Score Details (4.6)
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Physical - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2016-3689
Release Date: 2016-05-02
Fix Resolution: 4.5.1
Step up your Open Source Security Game with Mend here