CVE-2016-6264
Published: 27 January 2017
Integer signedness error in libc/string/arm/memset.S in uClibc and uClibc-ng before 1.0.16 allows context-dependent attackers to cause a denial of service (crash) via a negative length value to the memset function.
Priority
CVSS 3 base score: 7.5
Status
Package | Release | Status |
---|---|---|
uclibc Launchpad, Ubuntu, Debian |
precise |
Does not exist
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
wily |
Does not exist
|
|
xenial |
Does not exist
|
|
uclibc-ng Launchpad, Ubuntu, Debian |
precise |
Does not exist
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
wily |
Does not exist
|
|
xenial |
Does not exist
|
|
Patches: upstream: http://repo.or.cz/uclibc-ng.git/commit/e3848e3dd64a8d6437531488fe341354bc02eaed |