Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2016-9597

Published: 30 July 2018

It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not actually include the fix for the issue found in libxml2, making it vulnerable to a Denial of Service attack due to a Stack Overflow. This is a regression CVE for the same issue as CVE-2016-3705.

Notes

AuthorNote
mdeslaur 
Red Hat bug states this CVE is for a Red Hat specific regression
that duplicated other public CVEs
"missing/incorrect fix for CVE-2016-3705 in the Red Hat JBoss
Core Services."

Priority

Medium

CVSS 3 base score: 7.5

Status

Package Release Status
libxml2
Launchpad, Ubuntu, Debian 		upstream Needs triage

precise Not vulnerable

trusty Not vulnerable

xenial Not vulnerable

yakkety Not vulnerable

References

Bugs

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading