Home CVE Database CVE-2016-4578

CVE-2016-4578

Description

sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions.

Priority: LOW
CVSS v3: 5.5
Publish Date: May 23, 2016
Related ID: --
CVSS v2: Medium
Modified Date: May 24, 2016

Find out more about CVE-2016-4578 from the MITRE-CVE dictionary and NIST NVD


Products Affected

Login may be required to access defects or downloads.

Related Products

Product Name Status Defect Fixed Downloads
Linux 7 SCP Not Vulnerable -- -- --
Linux 7 CGP Not Vulnerable -- -- --

Comments

linux

Live chat
Online