CVE-2016-8596

Опубликовано: 28 окт. 2016

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

Buffer overflow in the csp_can_process_frame in csp_if_can.c in the libcsp library v1.4 and earlier allows hostile components connected to the canbus to execute arbitrary code via a long csp packet.

Ссылки

http://www.securityfocus.com/bid/94226
https://github.com/GomSpace/libcsp/pull/80
Patch
Vendor Advisory
http://www.securityfocus.com/bid/94226
https://github.com/GomSpace/libcsp/pull/80
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:libcsp:libcsp:*:*:*:*:*:*:*:*

Версия до 1.4 (включая)

EPSS

Процентиль: 87%

0.03362

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-119

Связанные уязвимости

CVE-2016-8596

CVSS3: 9.8

ubuntu

больше 9 лет назад

Buffer overflow in the csp_can_process_frame in csp_if_can.c in the libcsp library v1.4 and earlier allows hostile components connected to the canbus to execute arbitrary code via a long csp packet.

CVE-2016-8596

CVSS3: 9.8

debian

больше 9 лет назад

Buffer overflow in the csp_can_process_frame in csp_if_can.c in the li ...

GHSA-qcv6-xx53-38r7

CVSS3: 9.8

github

больше 3 лет назад

Buffer overflow in the csp_can_process_frame in csp_if_can.c in the libcsp library v1.4 and earlier allows hostile components connected to the canbus to execute arbitrary code via a long csp packet.

EPSS

Процентиль: 87%

0.03362

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-119