Your submission was sent successfully! Close

CVE-2016-9842

Published: 23 May 2017

The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.

Priority

Low

CVSS 3 base score: 8.8

Status

Package Release Status
rsync
Launchpad, Ubuntu, Debian
bionic
Released (3.1.2-2.1ubuntu1.1)
disco
Released (3.1.3-6)
eoan
Released (3.1.3-6)
focal
Released (3.1.3-6)
groovy
Released (3.1.3-6)
hirsute
Released (3.1.3-6)
impish
Released (3.1.3-6)
jammy
Released (3.1.3-6)
precise Not vulnerable
(code not present)
trusty Not vulnerable
(code not present)
upstream Needs triage

xenial
Released (3.1.1-3ubuntu1.3)
zlib
Launchpad, Ubuntu, Debian
artful Not vulnerable
(1:1.2.11.dfsg-0ubuntu2)
bionic Not vulnerable
(1:1.2.11.dfsg-0ubuntu2)
cosmic Not vulnerable
(1:1.2.11.dfsg-0ubuntu2)
disco Not vulnerable
(1:1.2.11.dfsg-0ubuntu2)
eoan Not vulnerable
(1:1.2.11.dfsg-0ubuntu2)
focal Not vulnerable
(1:1.2.11.dfsg-0ubuntu2)
groovy Not vulnerable
(1:1.2.11.dfsg-0ubuntu2)
hirsute Not vulnerable
(1:1.2.11.dfsg-0ubuntu2)
impish Not vulnerable
(1:1.2.11.dfsg-0ubuntu2)
jammy Not vulnerable
(1:1.2.11.dfsg-0ubuntu2)
precise Ignored
(end of ESM support, was needed)
trusty Needed

upstream Needs triage

xenial
Released (1:1.2.8.dfsg-2ubuntu4.3)
yakkety Ignored
(reached end-of-life)
zesty Ignored
(reached end-of-life)