JVN/CVE Demo: Cveinfos

CVE

Id: 89362
CVE No.: CVE-2016-2543
Status: Candidate
Description: The snd_seq_ioctl_remove_events function in sound/core/seq/seq_clientmgr.c in the Linux kernel before 4.4.1 does not verify FIFO assignment before proceeding with FIFO clearing, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted ioctl call.
Phase: Assigned (20160223)
Votes: None (candidate not yet proposed)
Comments

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
775234	89362	CVE-2016-2543	MLIST:[oss-security] 20160119 Security bugs in Linux kernel sound subsystem	View
775235	89362	CVE-2016-2543	URL:http://www.openwall.com/lists/oss-security/2016/01/19/1	View
775236	89362	CVE-2016-2543	CONFIRM:http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=030e2c78d3a91dd0d27fef37e91950dde333eba1	View
775237	89362	CVE-2016-2543	CONFIRM:http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1	View
775238	89362	CVE-2016-2543	CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1311554	View
775239	89362	CVE-2016-2543	CONFIRM:https://github.com/torvalds/linux/commit/030e2c78d3a91dd0d27fef37e91950dde333eba1	View
775240	89362	CVE-2016-2543	DEBIAN:DSA-3503	View
775241	89362	CVE-2016-2543	URL:http://www.debian.org/security/2016/dsa-3503	View
775242	89362	CVE-2016-2543	SUSE:SUSE-SU-2016:2074	View
775243	89362	CVE-2016-2543	URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	View
775244	89362	CVE-2016-2543	SUSE:SUSE-SU-2016:0911	View
775245	89362	CVE-2016-2543	URL:http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html	View
775246	89362	CVE-2016-2543	SUSE:SUSE-SU-2016:1102	View
775247	89362	CVE-2016-2543	URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html	View
775248	89362	CVE-2016-2543	UBUNTU:USN-2967-1	View
775249	89362	CVE-2016-2543	URL:http://www.ubuntu.com/usn/USN-2967-1	View
775250	89362	CVE-2016-2543	UBUNTU:USN-2967-2	View
775251	89362	CVE-2016-2543	URL:http://www.ubuntu.com/usn/USN-2967-2	View
775252	89362	CVE-2016-2543	UBUNTU:USN-2929-1	View
775253	89362	CVE-2016-2543	URL:http://www.ubuntu.com/usn/USN-2929-1	View
775254	89362	CVE-2016-2543	UBUNTU:USN-2929-2	View
775255	89362	CVE-2016-2543	URL:http://www.ubuntu.com/usn/USN-2929-2	View
775256	89362	CVE-2016-2543	UBUNTU:USN-2930-1	View
775257	89362	CVE-2016-2543	URL:http://www.ubuntu.com/usn/USN-2930-1	View
775258	89362	CVE-2016-2543	UBUNTU:USN-2930-2	View
775259	89362	CVE-2016-2543	URL:http://www.ubuntu.com/usn/USN-2930-2	View
775260	89362	CVE-2016-2543	UBUNTU:USN-2930-3	View
775261	89362	CVE-2016-2543	URL:http://www.ubuntu.com/usn/USN-2930-3	View
775262	89362	CVE-2016-2543	UBUNTU:USN-2931-1	View
775263	89362	CVE-2016-2543	URL:http://www.ubuntu.com/usn/USN-2931-1	View
775264	89362	CVE-2016-2543	UBUNTU:USN-2932-1	View
775265	89362	CVE-2016-2543	URL:http://www.ubuntu.com/usn/USN-2932-1	View
775266	89362	CVE-2016-2543	BID:83377	View

Related JVN

Id	JVN No.	Title	Summary	CVE No.	CVE Id	CVSS_v2	CVSS_v3	JVN URL	Actions
1067	JVNDB-2016-001840	Debian jessie の glibc パッケージおよび Ubuntu の elibc ならびに glibcc パッケージの pt_chown におけるキーストロークをキャプチャされる脆弱性	Debian jessie の glibc パッケージ、および Ubuntu の elibc ならびに glibcc パッケージの pt_chown は、ファイル記述子の引渡しに関連付けられた名前空間の確認が欠落しているため、キーストロークをキャプチャされ、データを偽装される、および権限を取得される脆弱性が存在します。	CVE-2016-2856	89362	7.2		http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-001840.html	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.32 MB
View render complete	2.77 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	2.72
Event: Controller.initialize	0.02
Event: Controller.startup	0.06
Controller action	463.92
Event: Controller.beforeRender	4.34
» Processing toolbar data	4.25
Rendering View	10.92
» Event: View.beforeRender	0.02
» Rendering APP/View/Cveinfos/view.ctp	9.84
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.68
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.08
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/89362
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/89362
Remote Port	56717
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.111
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.1.211.250
Http Via	1.1 squid-proxy-5b5d847c96-knn9n (squid/6.13)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Suspectharddos	1
Suspectdos	1
X Dostranslated Ip	216.73.216.111
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.111
Unique Id	aNleFMyh0DhJNVUrTdTuRAAAAA0
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Suspectharddos	1
Redirect Suspectdos	1
Redirect X Dostranslated Ip	216.73.216.111
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.111
Redirect Unique Id	aNleFMyh0DhJNVUrTdTuRAAAAA0
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect Suspectharddos	1
Redirect Redirect Suspectdos	1
Redirect Redirect X Dostranslated Ip	216.73.216.111
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.111
Redirect Redirect Unique Id	aNleFMyh0DhJNVUrTdTuRAAAAA0
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1759075860.12
Request Time	1759075860

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files