Bug#818499: busybox: CVE-2016-2147: OOB heap write due to integer underflow

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#818499: busybox: CVE-2016-2147: OOB heap write due to integer underflow
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Thu, 17 Mar 2016 17:27:52 +0100
Message-id: <[🔎] 145823207297.32055.18019966503735284093.reportbug@eldamar.local>
Reply-to: Salvatore Bonaccorso <carnil@debian.org>, 818499@bugs.debian.org

Source: busybox
Version: 1:1.20.0-7
Severity: normal
Tags: security upstream fixed-upstream

Hi,

the following vulnerability was published for busybox, filling for
tracking purpose.

CVE-2016-2147[0]:
OOB heap write due to integer underflow

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2016-2147

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Reply to:

Prev by Date: Bug#818497: busybox: CVE-2016-2148: heap overflow in OPTION_6RD parsing
Next by Date: Bug#818457: marked as done (installation-reports: successfull installation on HP ProLiant Microserver N36L)
Previous by thread: Bug#818497: busybox: CVE-2016-2148: heap overflow in OPTION_6RD parsing
Next by thread: SFRN 4.0.1 Reiser4-enabled netboot iso/USB
Index(es):
- Date
- Thread