Package libgc updated to version 7.6.0-alt1 for branch sisyphus in task 168820.

Published: 2016-08-21

BDU:2022-05976

Уязвимость сборщика мусора для C и C++ Boehm-Demers-Weiser GC, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

CVE-2016-9427

Published: 2016-12-12
Modified: 2024-11-21

CVE-2016-9427

Integer overflow vulnerability in bdwgc before 2016-09-27 allows attackers to cause client of bdwgc denial of service (heap buffer overflow crash) and possibly execute arbitrary code via huge allocation.

Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

openSUSE-SU-2016:3126
openSUSE-SU-2016:3126
openSUSE-SU-2016:3177
openSUSE-SU-2016:3177
[oss-security] 20161118 Re: CVE request: w3m - multiple vulnerabilities
[oss-security] 20161118 Re: CVE request: w3m - multiple vulnerabilities
94407
94407
https://github.com/ivmai/bdwgc/issues/135
https://github.com/ivmai/bdwgc/issues/135
[debian-lts-announce] 20220330 [SECURITY] [DLA 2966-1] libgc security update
[debian-lts-announce] 20220330 [SECURITY] [DLA 2966-1] libgc security update

Version: 2.1.0

Package libgc update in sisyphus on 2016-08-24

ALT-PU-2016-1885-1

Closed vulnerabilities

BDU:2022-05976

CVE-2016-9427