Bug#818497: busybox: CVE-2016-2148: heap overflow in OPTION_6RD parsing

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#818497: busybox: CVE-2016-2148: heap overflow in OPTION_6RD parsing
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Thu, 17 Mar 2016 17:25:28 +0100
Message-id: <[🔎] 145823192823.31874.14120570009048117373.reportbug@eldamar.local>
Reply-to: Salvatore Bonaccorso <carnil@debian.org>, 818497@bugs.debian.org

Source: busybox
Version: 1:1.20.0-7
Severity: normal
Tags: security upstream fixed-upstream

Hi,

the following vulnerability was published for busybox, filling for
tracking purpose.

CVE-2016-2148[0]:
heap overflow in OPTION_6RD parsing

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2016-2148

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Reply to:

Prev by Date: Question prompted by [Re: Should apt-transport-https be Priority: Important ? (Re: own cloud task in tasksel?)]
Next by Date: Bug#818499: busybox: CVE-2016-2147: OOB heap write due to integer underflow
Previous by thread: Bug#818481: installation-reports: Xen PV drivers not present in 32-bit installer kernel (but present in installed kernel)
Next by thread: Bug#818499: busybox: CVE-2016-2147: OOB heap write due to integer underflow
Index(es):
- Date
- Thread