Home

CVE-2016-9427

Description

Integer overflow vulnerability in bdwgc before 2016-09-27 allows attackers to cause client of bdwgc denial of service (heap buffer overflow crash) and possibly execute arbitrary code via huge allocation.

Risk Information

Base Score
9.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
3.116

Associated Vulnerability

VulnerabilityOS Platform
Boehm-Demers-Weiser garbage collecting storage allocator library (USN-1546-1) libgc1c2_7.1-8ubuntu0.12.04.3_i386.debLinux
Boehm-Demers-Weiser garbage collecting storage allocator library (USN-1546-1) libgc1c2_7.1-8ubuntu0.12.04.3_amd64.debLinux
Boehm-Demers-Weiser garbage collecting storage allocator library (USN-3197-1) libgc1c2_7.2d-5ubuntu2.1_i386.debLinux
Boehm-Demers-Weiser garbage collecting storage allocator library (USN-3197-1) libgc1c2_7.2d-5ubuntu2.1_amd64.debLinux
Boehm-Demers-Weiser garbage collecting storage allocator library (USN-3197-1) libgc1c2_7.4.2-8ubuntu0.1_i386.debLinux
Boehm-Demers-Weiser garbage collecting storage allocator library (USN-3197-1) libgc1c2_7.4.2-8ubuntu0.1_amd64.debLinux
Boehm-Demers-Weiser garbage collecting storage allocator library (USN-3197-1) libgc1c2_7.4.2-7.3ubuntu0.1_i386.debLinux
Boehm-Demers-Weiser garbage collecting storage allocator library (USN-3197-1) libgc1c2_7.4.2-7.3ubuntu0.1_amd64.debLinux
Boehm-Demers-Weiser garbage collecting storage allocator library (USN-3197-1) libgc1c2_7.1-8ubuntu0.12.04.3_i386.debLinux
Boehm-Demers-Weiser garbage collecting storage allocator library (USN-3197-1) libgc1c2_7.1-8ubuntu0.12.04.3_amd64.debLinux
SUSE-SU-2016:3057-1(SUSE Linux Enterprise Desktop 12-SP1 ) gc-debugsource-7.2d-5.1.x86_64.rpmLinux
SUSE-SU-2016:3057-1(SUSE Linux Enterprise Desktop 12-SP1 ) libgc1-7.2d-5.1.x86_64.rpmLinux
SUSE-SU-2016:3057-1(SUSE Linux Enterprise Desktop 12-SP1 ) libgc1-debuginfo-7.2d-5.1.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234