CVE-2016-9841

inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
References
Link Resource
https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib Third Party Advisory
https://wiki.mozilla.org/images/0/09/Zlib-report.pdf Exploit Technical Description Third Party Advisory
https://security.gentoo.org/glsa/201701-56 Third Party Advisory
https://github.com/madler/zlib/commit/9aaec95e82117c1cb0f9624264c3618fc380cecb Patch Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1402346 Issue Tracking
http://www.securityfocus.com/bid/95131 Third Party Advisory VDB Entry
http://www.openwall.com/lists/oss-security/2016/12/05/21 Mailing List Patch Third Party Advisory VDB Entry
http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html Mailing List Third Party Advisory
http://www.securitytracker.com/id/1039427 Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039596 Broken Link Third Party Advisory VDB Entry
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html Patch Third Party Advisory
https://support.apple.com/HT208144 Third Party Advisory
https://support.apple.com/HT208115 Third Party Advisory
https://support.apple.com/HT208113 Third Party Advisory
https://support.apple.com/HT208112 Third Party Advisory
https://security.netapp.com/advisory/ntap-20171019-0001/ Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3047 Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3046 Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3453 Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2999 Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1222 Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1221 Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1220 Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html Patch Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html Patch Third Party Advisory
https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html Mailing List Third Party Advisory
https://usn.ubuntu.com/4246-1/ Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html Mailing List Third Party Advisory
https://usn.ubuntu.com/4292-1/ Third Party Advisory
https://www.oracle.com/security-alerts/cpujul2020.html Third Party Advisory
https://security.gentoo.org/glsa/202007-54 Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:zlib:zlib:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

Configuration 5 (hide)

OR cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:18c:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.8.0:update144:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update151:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update161:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update161:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update151:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.8.0:update144:*:*:*:*:*:*

Configuration 6 (hide)

OR cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*

Configuration 7 (hide)

OR cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Configuration 8 (hide)

OR cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*
cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*
cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:e-series_santricity_management:-:*:*:*:*:vmware_sra:*:*
cpe:2.3:a:netapp:e-series_santricity_management:-:*:*:*:*:vmware_vasa:*:*
cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:virtual_storage_console:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*
cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*
cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vsphere:*:*
cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:h:netapp:hci_storage_node:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:symantec_netbackup:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:e-series_santricity_management:-:*:*:*:*:vmware_vcenter:*:*
cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:e-series_santricity_web_services:-:*:*:*:*:web_services_proxy:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*

History

22 Jun 2022, 17:16

Type Values Removed Values Added
First Time Oracle database Server
Apple tvos
Netapp storage Replication Adapter For Clustered Data Ontap
Oracle jdk
Redhat enterprise Linux Server
Netapp virtual Storage Console
Canonical
Netapp
Netapp oncommand Unified Manager
Debian debian Linux
Apple watchos
Netapp e-series Santricity Web Services
Netapp snapmanager
Netapp oncommand Performance Manager
Netapp hci Storage Node
Redhat enterprise Linux Eus
Oracle mysql
Redhat
Apple
Redhat satellite
Netapp solidfire
Apple mac Os X
Netapp oncommand Insight
Netapp e-series Santricity Storage Manager
Redhat enterprise Linux Workstation
Oracle jre
Netapp e-series Santricity Os Controller
Netapp oncommand Shift
Netapp steelstore Cloud Integrated Storage
Zlib zlib
Netapp oncommand Balance
Redhat enterprise Linux Desktop
Apple iphone Os
Netapp cloud Backup
Netapp symantec Netbackup
Debian
Netapp vasa Provider For Clustered Data Ontap
Canonical ubuntu Linux
Netapp e-series Santricity Management
Netapp oncommand Workflow Automation
Zlib
Oracle
Netapp active Iq Unified Manager
CPE cpe:2.3:a:gnu:zlib:1.2.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:jre:1.6.0:update161:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:e-series_santricity_web_services:-:*:*:*:*:web_services_proxy:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update151:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:oracle:database_server:18c:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:symantec_netbackup:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*
cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
cpe:2.3:a:zlib:zlib:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update161:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*
cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*
cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.8.0:update144:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:a:netapp:e-series_santricity_management:-:*:*:*:*:vmware_vasa:*:*
cpe:2.3:a:netapp:e-series_santricity_management:-:*:*:*:*:vmware_sra:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:a:netapp:e-series_santricity_management:-:*:*:*:*:vmware_vcenter:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*
cpe:2.3:a:oracle:jre:1.7.0:update151:*:*:*:*:*:*
cpe:2.3:h:netapp:hci_storage_node:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:virtual_storage_console:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:oracle:jdk:1.8.0:update144:*:*:*:*:*:*
cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*
cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vsphere:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
CWE CWE-189 NVD-CWE-noinfo
References (MLIST) https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html - (MLIST) https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html - Mailing List, Third Party Advisory
References (SECTRACK) http://www.securitytracker.com/id/1039596 - (SECTRACK) http://www.securitytracker.com/id/1039596 - Broken Link, Third Party Advisory, VDB Entry
References (REDHAT) https://access.redhat.com/errata/RHSA-2017:1221 - (REDHAT) https://access.redhat.com/errata/RHSA-2017:1221 - Third Party Advisory
References (CONFIRM) http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html - (CONFIRM) http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html - Patch, Third Party Advisory
References (REDHAT) https://access.redhat.com/errata/RHSA-2017:1222 - (REDHAT) https://access.redhat.com/errata/RHSA-2017:1222 - Third Party Advisory
References (CONFIRM) https://support.apple.com/HT208113 - (CONFIRM) https://support.apple.com/HT208113 - Third Party Advisory
References (MLIST) http://www.openwall.com/lists/oss-security/2016/12/05/21 - Patch, Third Party Advisory, VDB Entry (MLIST) http://www.openwall.com/lists/oss-security/2016/12/05/21 - Mailing List, Patch, Third Party Advisory, VDB Entry
References (SECTRACK) http://www.securitytracker.com/id/1039427 - (SECTRACK) http://www.securitytracker.com/id/1039427 - Broken Link, Third Party Advisory, VDB Entry
References (CONFIRM) http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html - (CONFIRM) http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html - Patch, Third Party Advisory
References (REDHAT) https://access.redhat.com/errata/RHSA-2017:2999 - (REDHAT) https://access.redhat.com/errata/RHSA-2017:2999 - Third Party Advisory
References (REDHAT) https://access.redhat.com/errata/RHSA-2017:3453 - (REDHAT) https://access.redhat.com/errata/RHSA-2017:3453 - Third Party Advisory
References (MLIST) https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html - (MLIST) https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html - Mailing List, Third Party Advisory
References (CONFIRM) https://support.apple.com/HT208115 - (CONFIRM) https://support.apple.com/HT208115 - Third Party Advisory
References (CONFIRM) https://support.apple.com/HT208112 - (CONFIRM) https://support.apple.com/HT208112 - Third Party Advisory
References (SUSE) http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html - Third Party Advisory (SUSE) http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html - Mailing List, Third Party Advisory
References (SUSE) http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html - Third Party Advisory (SUSE) http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html - Mailing List, Third Party Advisory
References (UBUNTU) https://usn.ubuntu.com/4292-1/ - (UBUNTU) https://usn.ubuntu.com/4292-1/ - Third Party Advisory
References (CONFIRM) https://github.com/madler/zlib/commit/9aaec95e82117c1cb0f9624264c3618fc380cecb - Patch, Vendor Advisory (CONFIRM) https://github.com/madler/zlib/commit/9aaec95e82117c1cb0f9624264c3618fc380cecb - Patch, Third Party Advisory
References (REDHAT) https://access.redhat.com/errata/RHSA-2017:3047 - (REDHAT) https://access.redhat.com/errata/RHSA-2017:3047 - Third Party Advisory
References (CONFIRM) https://support.apple.com/HT208144 - (CONFIRM) https://support.apple.com/HT208144 - Third Party Advisory
References (REDHAT) https://access.redhat.com/errata/RHSA-2017:1220 - (REDHAT) https://access.redhat.com/errata/RHSA-2017:1220 - Third Party Advisory
References (REDHAT) https://access.redhat.com/errata/RHSA-2017:3046 - (REDHAT) https://access.redhat.com/errata/RHSA-2017:3046 - Third Party Advisory
References (GENTOO) https://security.gentoo.org/glsa/202007-54 - (GENTOO) https://security.gentoo.org/glsa/202007-54 - Third Party Advisory
References (CONFIRM) http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html - (CONFIRM) http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html - Patch, Third Party Advisory
References (MISC) https://www.oracle.com/security-alerts/cpujul2020.html - (MISC) https://www.oracle.com/security-alerts/cpujul2020.html - Third Party Advisory
References (CONFIRM) https://security.netapp.com/advisory/ntap-20171019-0001/ - (CONFIRM) https://security.netapp.com/advisory/ntap-20171019-0001/ - Third Party Advisory
References (UBUNTU) https://usn.ubuntu.com/4246-1/ - (UBUNTU) https://usn.ubuntu.com/4246-1/ - Third Party Advisory
References (SUSE) http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html - Third Party Advisory (SUSE) http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html - Mailing List, Third Party Advisory

Information

Published : 2017-05-23 04:29

Updated : 2022-06-22 17:16


NVD link : CVE-2016-9841

Mitre link : CVE-2016-9841


JSON object : View

Products Affected

redhat

  • enterprise_linux_eus
  • enterprise_linux_workstation
  • satellite
  • enterprise_linux_server
  • enterprise_linux_desktop

netapp

  • cloud_backup
  • oncommand_unified_manager
  • storage_replication_adapter_for_clustered_data_ontap
  • e-series_santricity_web_services
  • vasa_provider_for_clustered_data_ontap
  • oncommand_workflow_automation
  • hci_storage_node
  • active_iq_unified_manager
  • symantec_netbackup
  • virtual_storage_console
  • oncommand_performance_manager
  • e-series_santricity_os_controller
  • solidfire
  • oncommand_shift
  • e-series_santricity_storage_manager
  • steelstore_cloud_integrated_storage
  • e-series_santricity_management
  • oncommand_balance
  • snapmanager
  • oncommand_insight

apple

  • watchos
  • iphone_os
  • tvos
  • mac_os_x

debian

  • debian_linux

oracle

  • jre
  • mysql
  • jdk
  • database_server

opensuse

  • opensuse
  • leap

canonical

  • ubuntu_linux

zlib

  • zlib