← Voltar para CVEs
CVE-2016-9843
CRITICAL9.8
Descricao
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
Detalhes CVE
Pontuacao CVSS v3.19.8
SeveridadeCRITICAL
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado5/23/2017
Ultima modificacao4/20/2025
Fontenvd
Avistamentos honeypot0
Produtos afetados
apple:iphone_osapple:mac_os_xapple:tvosapple:watchoscanonical:ubuntu_linuxdebian:debian_linuxmariadb:mariadbnetapp:active_iq_unified_managernetapp:oncommand_insightnetapp:oncommand_workflow_automationnetapp:snapcenternodejs:node.jsopensuse:leapopensuse:opensuseoracle:database_serveroracle:jdkoracle:jreoracle:mysqlredhat:enterprise_linux_desktopredhat:enterprise_linux_eusredhat:enterprise_linux_serverredhat:enterprise_linux_workstationredhat:satellitezlib:zlib
Referencias
http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html(security@opentext.com)
http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html(security@opentext.com)
http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html(security@opentext.com)
http://www.openwall.com/lists/oss-security/2016/12/05/21(security@opentext.com)
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html(security@opentext.com)
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html(security@opentext.com)
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html(security@opentext.com)
http://www.securityfocus.com/bid/95131(security@opentext.com)
http://www.securitytracker.com/id/1039427(security@opentext.com)
http://www.securitytracker.com/id/1041888(security@opentext.com)
https://access.redhat.com/errata/RHSA-2017:1220(security@opentext.com)
https://access.redhat.com/errata/RHSA-2017:1221(security@opentext.com)
https://access.redhat.com/errata/RHSA-2017:1222(security@opentext.com)
https://access.redhat.com/errata/RHSA-2017:2999(security@opentext.com)
https://access.redhat.com/errata/RHSA-2017:3046(security@opentext.com)
https://access.redhat.com/errata/RHSA-2017:3047(security@opentext.com)
https://access.redhat.com/errata/RHSA-2017:3453(security@opentext.com)
https://bugzilla.redhat.com/show_bug.cgi?id=1402351(security@opentext.com)
https://github.com/madler/zlib/commit/d1d577490c15a0c6862473d7576352a9f18ef811(security@opentext.com)
https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html(security@opentext.com)
https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html(security@opentext.com)
https://security.gentoo.org/glsa/201701-56(security@opentext.com)
https://security.gentoo.org/glsa/202007-54(security@opentext.com)
https://security.netapp.com/advisory/ntap-20181018-0002/(security@opentext.com)
https://support.apple.com/HT208112(security@opentext.com)
https://support.apple.com/HT208113(security@opentext.com)
https://support.apple.com/HT208115(security@opentext.com)
https://support.apple.com/HT208144(security@opentext.com)
https://usn.ubuntu.com/4246-1/(security@opentext.com)
https://usn.ubuntu.com/4292-1/(security@opentext.com)
https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib(security@opentext.com)
https://wiki.mozilla.org/images/0/09/Zlib-report.pdf(security@opentext.com)
https://www.oracle.com/security-alerts/cpujul2020.html(security@opentext.com)
http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2016/12/05/21(af854a3a-2127-422b-91ae-364da2661108)
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/95131(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1039427(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1041888(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2017:1220(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2017:1221(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2017:1222(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2017:2999(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2017:3046(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2017:3047(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2017:3453(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=1402351(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/madler/zlib/commit/d1d577490c15a0c6862473d7576352a9f18ef811(af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html(af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html(af854a3a-2127-422b-91ae-364da2661108)
https://security.gentoo.org/glsa/201701-56(af854a3a-2127-422b-91ae-364da2661108)
https://security.gentoo.org/glsa/202007-54(af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20181018-0002/(af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/HT208112(af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/HT208113(af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/HT208115(af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/HT208144(af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/4246-1/(af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/4292-1/(af854a3a-2127-422b-91ae-364da2661108)
https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib(af854a3a-2127-422b-91ae-364da2661108)
https://wiki.mozilla.org/images/0/09/Zlib-report.pdf(af854a3a-2127-422b-91ae-364da2661108)
https://www.oracle.com/security-alerts/cpujul2020.html(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.