CVE-2016-4578

MEDIUM

Linux Kernel < 4.6 - Information Disclosure

Title source: rule

Description

sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions.

Exploits (1)

exploitdb WORKING POC
by wally0813 · cdoslinux
https://www.exploit-db.com/exploits/46529

References (31)

... and 11 more

Scores

CVSS v3 5.5
EPSS 0.0013
EPSS Percentile 32.4%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Classification

CWE
CWE-200
Status draft

Affected Products (20)

linux/linux_kernel < 4.6
canonical/ubuntu_linux
canonical/ubuntu_linux
canonical/ubuntu_linux
canonical/ubuntu_linux
debian/debian_linux
redhat/enterprise_linux_desktop
redhat/enterprise_linux_server
redhat/enterprise_linux_server_aus
redhat/enterprise_linux_server_aus
redhat/enterprise_linux_server_aus
redhat/enterprise_linux_server_eus
redhat/enterprise_linux_server_eus
redhat/enterprise_linux_server_eus
redhat/enterprise_linux_server_eus
... and 5 more

Timeline

Published May 23, 2016
Tracked Since Feb 18, 2026