1. Home
  2. Vulnerabilities
  3. CVE-2016-7913

CVE-2016-7913

CVSS v3.1 7.8 (High)
78% Progress
CVSS v2.0 9.3 (High)
93% Progress
EPSS 0.09 % (40th)
0.09% Progress
Affected Products 2
Advisories 12
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure.

Weaknesses
CWE-416
Use After Free
CVE Status
PUBLISHED
CNA
Android (associated with Google Inc. or Open Handset Alliance)
Published Date
2016-11-16 05:59:08
(7 years ago)
Updated Date
2022-12-09 18:12:39
(21 months ago)

Affected Products

Canonical

Linux

Configuration #1

    CPE23 From Up To
  Linux Kernel prior 3.10.106 version cpe:2.3:o:linux:linux_kernel < 3.10.106
  Linux Kernel from 3.11 version and prior 3.12.70 version cpe:2.3:o:linux:linux_kernel >= 3.11 < 3.12.70
  Linux Kernel from 3.13 version and prior 3.18.51 version cpe:2.3:o:linux:linux_kernel >= 3.13 < 3.18.51
  Linux Kernel from 3.19 version and prior 4.1.41 version cpe:2.3:o:linux:linux_kernel >= 3.19 < 4.1.41
  Linux Kernel from 4.2 version and prior 4.4.65 version cpe:2.3:o:linux:linux_kernel >= 4.2 < 4.4.65
  Linux Kernel from 4.5 version and prior 4.6 version cpe:2.3:o:linux:linux_kernel >= 4.5 < 4.6

Configuration #2

    CPE23 From Up To
  Canonical Ubuntu Linux 12.04 cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-
  Canonical Ubuntu Linux 14.04 cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm