CVE - CVE-2016-9843

CVE-ID
CVE-2016-9843	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:95131 URL:http://www.securityfocus.com/bid/95131 CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html URL:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html URL:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html URL:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1402351 URL:https://bugzilla.redhat.com/show_bug.cgi?id=1402351 CONFIRM:https://github.com/madler/zlib/commit/d1d577490c15a0c6862473d7576352a9f18ef811 URL:https://github.com/madler/zlib/commit/d1d577490c15a0c6862473d7576352a9f18ef811 CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ URL:https://security.netapp.com/advisory/ntap-20181018-0002/ CONFIRM:https://support.apple.com/HT208112 URL:https://support.apple.com/HT208112 CONFIRM:https://support.apple.com/HT208113 URL:https://support.apple.com/HT208113 CONFIRM:https://support.apple.com/HT208115 URL:https://support.apple.com/HT208115 CONFIRM:https://support.apple.com/HT208144 URL:https://support.apple.com/HT208144 GENTOO:GLSA-201701-56 URL:https://security.gentoo.org/glsa/201701-56 GENTOO:GLSA-202007-54 URL:https://security.gentoo.org/glsa/202007-54 MISC:https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib URL:https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib MISC:https://wiki.mozilla.org/images/0/09/Zlib-report.pdf URL:https://wiki.mozilla.org/images/0/09/Zlib-report.pdf MISC:https://www.oracle.com/security-alerts/cpujul2020.html URL:https://www.oracle.com/security-alerts/cpujul2020.html MLIST:[debian-lts-announce] 20190324 [SECURITY] [DLA 1725-1] rsync security update URL:https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html MLIST:[debian-lts-announce] 20200129 [SECURITY] [DLA 2085-1] zlib security update URL:https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html MLIST:[oss-security] 20161205 Re: CVE Request: zlib security issues found during audit URL:http://www.openwall.com/lists/oss-security/2016/12/05/21 REDHAT:RHSA-2017:1220 URL:https://access.redhat.com/errata/RHSA-2017:1220 REDHAT:RHSA-2017:1221 URL:https://access.redhat.com/errata/RHSA-2017:1221 REDHAT:RHSA-2017:1222 URL:https://access.redhat.com/errata/RHSA-2017:1222 REDHAT:RHSA-2017:2999 URL:https://access.redhat.com/errata/RHSA-2017:2999 REDHAT:RHSA-2017:3046 URL:https://access.redhat.com/errata/RHSA-2017:3046 REDHAT:RHSA-2017:3047 URL:https://access.redhat.com/errata/RHSA-2017:3047 REDHAT:RHSA-2017:3453 URL:https://access.redhat.com/errata/RHSA-2017:3453 SECTRACK:1039427 URL:http://www.securitytracker.com/id/1039427 SECTRACK:1041888 URL:http://www.securitytracker.com/id/1041888 SUSE:openSUSE-SU-2016:3202 URL:http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html SUSE:openSUSE-SU-2017:0077 URL:http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html SUSE:openSUSE-SU-2017:0080 URL:http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html UBUNTU:USN-4246-1 URL:https://usn.ubuntu.com/4246-1/ UBUNTU:USN-4292-1 URL:https://usn.ubuntu.com/4292-1/
Assigning CNA
OpenText (formerly Micro Focus)
Date Record Created
20161205	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20161205)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)