CVE-2016-4482 in Google Androidinfo

Summary

The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call.

Reservation

05/04/2016

Disclosure

05/23/2016

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
90548	Google Android USB driver information disclosure	200	Not defined	Official fix	CVE-2016-4482
87126	Linux Kernel devio.c proc_connectinfo information disclosure	200	Unproven	Official fix	CVE-2016-4482

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸

Might our Artificial Intelligence support you?

Check our Alexa App!