Medium severity4.6NVD Advisory· Published Apr 27, 2016· Updated May 6, 2026
CVE-2016-2782
CVE-2016-2782
Description
The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a (1) bulk-in or (2) interrupt-in endpoint.
Affected products
18cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp2:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp2:*:*:*:*:*:*
- cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*
- cpe:2.3:a:suse:linux_enterprise_module_for_public_cloud:12:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp4:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp4:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_real_time_extension:12:sp1:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*+ 3 more
- cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
21- git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/nvdIssue TrackingPatchVendor Advisory
- github.com/torvalds/linux/commit/cac9b50b0d75a1d50d6c056ff65c005f3224c8e0nvdIssue TrackingPatchThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdExploitIssue TrackingThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.htmlnvdThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.htmlnvdMailing ListThird Party Advisory
- www.openwall.com/lists/oss-security/2016/02/28/9nvdMailing ListThird Party Advisory
- www.ubuntu.com/usn/USN-2929-1nvdThird Party Advisory
- www.ubuntu.com/usn/USN-2929-2nvdThird Party Advisory
- www.ubuntu.com/usn/USN-2930-1nvdThird Party Advisory
- www.ubuntu.com/usn/USN-2930-2nvdThird Party Advisory
- www.ubuntu.com/usn/USN-2930-3nvdThird Party Advisory
- www.ubuntu.com/usn/USN-2932-1nvdThird Party Advisory
- www.ubuntu.com/usn/USN-2948-1nvdThird Party Advisory
- www.ubuntu.com/usn/USN-2948-2nvdThird Party Advisory
- www.ubuntu.com/usn/USN-2967-1nvdThird Party Advisory
- www.ubuntu.com/usn/USN-2967-2nvdThird Party Advisory
- www.exploit-db.com/exploits/39539/nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.