CVE-2016-9427

Integer overflow vulnerability in bdwgc before 2016-09-27 allows attackers to cause client of bdwgc denial of service (heap buffer overflow crash) and possibly execute arbitrary code via huge allocation.

References

Affected packages

Debian:11 / libgc

Package

Name: libgc
Purl: pkg:deb/debian/libgc?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:7.6.4-0.3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / libgc

Package

Name: libgc
Purl: pkg:deb/debian/libgc?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:7.6.4-0.3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / libgc

Package

Name: libgc
Purl: pkg:deb/debian/libgc?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:7.6.4-0.3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/ivmai/bdwgc

Affected ranges

Type: GIT
Repo: https://github.com/ivmai/bdwgc
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

d8bfa89c2a9c7c86fb98acbc53b5750600b95492

Affected versions

Other

gc4_1

gc4_10

gc4_10t3

gc4_11

gc4_12

gc4_13

gc4_14

gc4_14alpha1

gc4_8

gc5_0alpha3

gc5_3

gc6_0

gc6_1

gc6_1alpha4

gc6_2

gc6_3

gc6_3alpha1

gc6_3alpha4

gc6_3alpha5

gc6_4

gc6_5

gc6_6

gc6_7

gc6_8

gc6_8-iphone

gc7_0

gc7_0alpha1

gc7_0alpha2

gc7_0alpha3

gc7_0alpha4

gc7_0alpha5

gc7_0alpha7

gc7_0alpha9

gc7_1

gc7_1-symbian

gc7_1alpha2

gc7_1alpha3-20080220

gc7_1alpha3-20080224

gc7_2alpha2

gc7_2alpha4

gc7_2alpha5-20110107

gc7_2alpha6

gc7_3alpha2

gc7_4_0

gc7_4_2

gc7_4_4