The mctu232msrtostate function in drivers/usb/serial/mct_u232.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted USB device without two interrupt-in endpoint descriptors.
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "211811213295238759643575657816760149205", "95459286062317700203447121118772484349", "263316890618266342788944079244235847664", "58187147232235720951938010586775279552", "114919989378091955173527808025511565617", "149295520827115381297010297962245838151", "140254768852644512659775673263834826331", "132850836554624048323580188677826633545", "121684732863664824887213211960003251821" ] }, "id": "CVE-2016-3136-250b21a5", "signature_type": "Line", "deprecated": false, "source": "https://github.com/torvalds/linux/commit/4e9a0b05257f29cf4b75f3209243ed71614d062e", "signature_version": "v1", "target": { "file": "drivers/usb/serial/mct_u232.c" } }, { "digest": { "function_hash": "119502808909758832131896657308167199116", "length": 314.0 }, "id": "CVE-2016-3136-4a3465c9", "signature_type": "Function", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@4e9a0b05257f29cf4b75f3209243ed71614d062e", "signature_version": "v1", "target": { "function": "mct_u232_port_probe", "file": "drivers/usb/serial/mct_u232.c" } }, { "digest": { "function_hash": "119502808909758832131896657308167199116", "length": 314.0 }, "id": "CVE-2016-3136-acf87367", "signature_type": "Function", "deprecated": false, "source": "https://github.com/torvalds/linux/commit/4e9a0b05257f29cf4b75f3209243ed71614d062e", "signature_version": "v1", "target": { "function": "mct_u232_port_probe", "file": "drivers/usb/serial/mct_u232.c" } }, { "digest": { "threshold": 0.9, "line_hashes": [ "211811213295238759643575657816760149205", "95459286062317700203447121118772484349", "263316890618266342788944079244235847664", "58187147232235720951938010586775279552", "114919989378091955173527808025511565617", "149295520827115381297010297962245838151", "140254768852644512659775673263834826331", "132850836554624048323580188677826633545", "121684732863664824887213211960003251821" ] }, "id": "CVE-2016-3136-fc733016", "signature_type": "Line", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@4e9a0b05257f29cf4b75f3209243ed71614d062e", "signature_version": "v1", "target": { "file": "drivers/usb/serial/mct_u232.c" } } ] }