CVE-2016-1578

Use-after-free vulnerability in Oxide allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via unspecified vectors, related to responding synchronously to permission requests.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
canonicalCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 83%
VendorProductVersion
canonicalubuntu_linux
14.04
canonicalubuntu_linux
15.10
canonicalubuntu_linux
16.04
oxide_projectoxide
-
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
oxide-qt
xenial
Fixed 1.14.7-0ubuntu1
released
wily
Fixed 1.14.7-0ubuntu0.15.10.1
released
trusty
Fixed 1.14.7-0ubuntu0.14.04.1
released
precise
dne
References
http://www.ubuntu.com/usn/USN-2955-1
http://www.ubuntu.com/usn/USN-2955-1