CVE-2016-3138
Title: Novell Suse Linux Enterprise Software Development Kit Memory Corruption
Memory Corruption
Proof Of Concept
No public PoC currently indexed for CVE-2016-3138.
CWE Category
NVD-CWE-noinfo
Published Date
May 02, 2016
Modified Date
May 06, 2026
Exploit Status
Not Found
Score
4.6
CVSS v3.0
Exploit Probability (EPSS)
0.02%
Vulnerability Summary
CVE-2016-3138: The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both a control and a data endpoint descriptor.
Impacted Vendors
Reference Links
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8835ba4a39cf53f705417b3b3a94eb067673f2c9
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html
http://www.debian.org/security/2016/dsa-3607
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1
http://www.openwall.com/lists/oss-security/2016/03/14/4
http://www.ubuntu.com/usn/USN-2968-1
http://www.ubuntu.com/usn/USN-2968-2
http://www.ubuntu.com/usn/USN-2969-1
http://www.ubuntu.com/usn/USN-2970-1
http://www.ubuntu.com/usn/USN-2971-1
http://www.ubuntu.com/usn/USN-2971-2
http://www.ubuntu.com/usn/USN-2971-3
http://www.ubuntu.com/usn/USN-2996-1
http://www.ubuntu.com/usn/USN-2997-1
https://bugzilla.redhat.com/show_bug.cgi?id=1316204
https://github.com/torvalds/linux/commit/8835ba4a39cf53f705417b3b3a94eb067673f2c9
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8835ba4a39cf53f705417b3b3a94eb067673f2c9
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html
http://www.debian.org/security/2016/dsa-3607
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1
http://www.openwall.com/lists/oss-security/2016/03/14/4
http://www.ubuntu.com/usn/USN-2968-1
http://www.ubuntu.com/usn/USN-2968-2
http://www.ubuntu.com/usn/USN-2969-1
http://www.ubuntu.com/usn/USN-2970-1
http://www.ubuntu.com/usn/USN-2971-1
http://www.ubuntu.com/usn/USN-2971-2
http://www.ubuntu.com/usn/USN-2971-3
http://www.ubuntu.com/usn/USN-2996-1
http://www.ubuntu.com/usn/USN-2997-1
https://bugzilla.redhat.com/show_bug.cgi?id=1316204
https://github.com/torvalds/linux/commit/8835ba4a39cf53f705417b3b3a94eb067673f2c9
CVSS v3.0
Source Entity
[email protected]
Severity
MEDIUM
4.6
Attack Vector
PHYSICAL
Complexity
LOW
Privileges
N/A
Interaction
NONE
Confidentiality
N/A
Integrity
N/A
Availability
N/A
Scope
UNCHANGED
RAW VECTOR
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS v2.0
Source Entity
[email protected]
Severity
MEDIUM
4.9
Access Vector
N/A
Authentication
N/A
RAW VECTOR
AV:L/AC:L/Au:N/C:N/I:N/A:C
Associated Attack Patterns (CAPEC)
Total: PatternsNo specific attack patterns mapped.
Likelihood
Severity
Page /
CVE-2016-3138 Exploits & PoCs (Proof Of Concept)
No public PoCs found in our database for this CVE.
MODIFIED
Vulnerability data updated via NVD.
MODIFIED
Vulnerability data or affected products updated.
PUBLISHED
Vulnerability first announced in NVD.
Attack Vector Matrix
Access Vector
PHYSICAL
Complexity
LOW
Privileges
N/A
Interaction
NONE
CVSS Vector String
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Stack
No specific products linked.