CVE-2016-6264

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2016-6264

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-6264.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2016-6264

Related

DLA-561-1

Published

2017-01-27T22:59:00Z

Modified

2025-02-14T09:58:12.730454Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

Integer signedness error in libc/string/arm/memset.S in uClibc and uClibc-ng before 1.0.16 allows context-dependent attackers to cause a denial of service (crash) via a negative length value to the memset function.

References

Affected packages

Debian:11 / uclibc

Package

Name: uclibc
Purl: pkg:deb/debian/uclibc?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.0.20-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / uclibc

Package

Name: uclibc
Purl: pkg:deb/debian/uclibc?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.0.20-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / uclibc

Package

Name: uclibc
Purl: pkg:deb/debian/uclibc?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.0.20-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Git / github.com/wbx-github/uclibc-ng

Affected ranges

Type: GIT
Repo: https://github.com/wbx-github/uclibc-ng
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

aebdbb727362a92437b772e5d749d6650e5b823f

Affected versions

v1.*

v1.0.0

v1.0.1

v1.0.10

v1.0.11

v1.0.12

v1.0.13

v1.0.14

v1.0.15

v1.0.2

v1.0.4

v1.0.5

v1.0.6

v1.0.7

v1.0.8

v1.0.9