VYPR
Medium severity6.2NVD Advisory· Published May 23, 2016· Updated Jun 17, 2026

CVE-2016-4482

CVE-2016-4482

Description

The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

126

Patches

Vulnerability mechanics

References

28

News mentions

0

No linked articles in our index yet.