CVE-2016-5829

CWE-119Buffer OverflowCWE-122Heap-based Buffer Overflow16 documents8 sources
Severity
7.8HIGH
EPSS
0.1%
top 69.15%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Linux Linux KernelCanonical Ubuntu LinuxDebian Debian Linux+1 more
Timeline
PublishedJun 27
Latest updateMay 14

Description

Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

NVDlinux/linux_kernel3.33.10.103+8
Debianlinux< 4.6.3-1+3

Also affects: Debian Linux 8.0, Ubuntu Linux 12.04, 14.04, 16.04

🔴Vulnerability Details

3
GHSA
GHSA-66jc-9397-h8vf: Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev2022-05-14
CVEList
CVE-2016-5829: Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev2016-06-27
OSV
CVE-2016-5829: Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev2016-06-27

📋Vendor Advisories

10
Ubuntu
Linux kernel (Raspberry Pi 2) vulnerabilities2016-08-30
Ubuntu
Linux kernel (Qualcomm Snapdragon) vulnerabilities2016-08-30
Ubuntu
Linux kernel (Xenial HWE) vulnerabilities2016-08-30
Ubuntu
Linux kernel (OMAP4) vulnerabilities2016-08-29
Ubuntu
Linux kernel vulnerabilities2016-08-29

💬Community

2
Bugzilla
CVE-2016-5829 kernel: Heap buffer overflow in hiddev driver2016-06-27
Bugzilla
CVE-2016-5829 kernel: Heap buffer overflow in hiddev driver [fedora-all]2016-06-27
CVE-2016-5829 (HIGH CVSS 7.8) | Multiple heap-based buffer overflow | cvebase.io