CVE-2016-4578 in Google Androidinfo

Summary

sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions.

Reservation

05/11/2016

Disclosure

05/23/2016

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
90554	Google Android Kernel Sound information disclosure	200	Proof-of-Concept	Official fix	CVE-2016-4578
90552	Google Android Kernel Networking information disclosure	200	Proof-of-Concept	Official fix	CVE-2016-4578
87304	Linux Kernel timer.c information disclosure	200	Proof-of-Concept	Official fix	CVE-2016-4578

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!