cpe:/o:linux:linux_kernel:4.4 CVE-2016-2548 2016-04-27T13:59:18.070-04:00 2017-09-06T21:29:02.557-04:00 4.9 LOCAL LOW NONE NONE NONE COMPLETE http://nvd.nist.gov 2016-05-02T14:14:32.300-04:00 SECTRACK 1035306 BID 83383 DEBIAN DSA-3503 SUSE SUSE-SU-2016:0911 SUSE SUSE-SU-2016:1102 SUSE SUSE-SU-2016:2074 UBUNTU USN-2929-1 UBUNTU USN-2929-2 UBUNTU USN-2930-1 UBUNTU USN-2930-2 UBUNTU USN-2930-3 UBUNTU USN-2931-1 UBUNTU USN-2932-1 UBUNTU USN-2967-1 UBUNTU USN-2967-2 MLIST [oss-security] 20160119 Security bugs in Linux kernel sound subsystem CONFIRM http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b5a663aa426f4884c71cd8580adae73f33570f0d CONFIRM http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1 CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=1311568 CONFIRM https://github.com/torvalds/linux/commit/b5a663aa426f4884c71cd8580adae73f33570f0d sound/core/timer.c in the Linux kernel before 4.4.1 retains certain linked lists after a close or stop action, which allows local users to cause a denial of service (system crash) via a crafted ioctl call, related to the (1) snd_timer_close and (2) _snd_timer_stop functions.