What is CVE-2016-2187?

CVE-2016-2187 is a medium-severity vulnerability in Linux Linux_kernel. CVSS score: 4.6/10. Published 2016-05-02.

How severe is CVE-2016-2187?

Medium severity. CVSS v3 base score is 4.6 out of 10.

Vulnerability in Linux Linux_kernel

CVE-2016-2187

The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel through 4.5.2 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB…

EPSS: 0.000 (13.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.6 (Medium). Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Linux Linux_kernel
Novell Suse_linux_enterprise_debuginfo — versions 11
Novell Suse_linux_enterprise_server — versions 11
Novell Suse_linux_enterprise_software_development_kit — versions 11.0
Canonical Ubuntu_linux — versions 12.04, 14.04, 15.10
N/a — versions n/a

References

USN-3006-1 (x_refsource_UBUNTU, vendor-advisory, Third Party Advisory)
USN-3004-1 (x_refsource_UBUNTU, vendor-advisory, Third Party Advisory)
USN-3001-1 (x_refsource_UBUNTU, vendor-advisory, Third Party Advisory)
secalert@redhat.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
USN-3005-1 (x_refsource_UBUNTU, vendor-advisory, Third Party Advisory)
SUSE-SU-2016:1985 (vendor-advisory, x_refsource_SUSE)
85425 (vdb-entry, x_refsource_BID)
secalert@redhat.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
USN-2997-1 (x_refsource_UBUNTU, vendor-advisory, Third Party Advisory)
USN-3000-1 (x_refsource_UBUNTU, vendor-advisory, Third Party Advisory)

Frequently asked questions

What is CVE-2016-2187?: CVE-2016-2187 is a medium-severity vulnerability in Linux Linux_kernel. CVSS score: 4.6/10. Published 2016-05-02.
How severe is CVE-2016-2187?: Medium severity. CVSS v3 base score is 4.6 out of 10.