CVE-2016-9843

The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
References
Link Resource
https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib Third Party Advisory
https://wiki.mozilla.org/images/0/09/Zlib-report.pdf Exploit Technical Description Third Party Advisory
https://security.gentoo.org/glsa/201701-56 Third Party Advisory
https://github.com/madler/zlib/commit/d1d577490c15a0c6862473d7576352a9f18ef811 Patch Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1402351 Issue Tracking Patch Third Party Advisory
http://www.securityfocus.com/bid/95131 Third Party Advisory VDB Entry
http://www.openwall.com/lists/oss-security/2016/12/05/21 Mailing List Patch Third Party Advisory VDB Entry
http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html Mailing List Third Party Advisory
http://www.securitytracker.com/id/1039427 Third Party Advisory VDB Entry
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html Patch Third Party Advisory
https://support.apple.com/HT208144 Third Party Advisory
https://support.apple.com/HT208115 Third Party Advisory
https://support.apple.com/HT208113 Third Party Advisory
https://support.apple.com/HT208112 Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3047 Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3046 Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3453 Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2999 Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1222 Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1221 Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1220 Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html Patch Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html Patch Third Party Advisory
http://www.securitytracker.com/id/1041888 Third Party Advisory VDB Entry
https://security.netapp.com/advisory/ntap-20181018-0002/ Third Party Advisory
https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html Mailing List Third Party Advisory
https://usn.ubuntu.com/4246-1/ Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html Mailing List Third Party Advisory
https://usn.ubuntu.com/4292-1/ Third Party Advisory
https://www.oracle.com/security-alerts/cpujul2020.html Third Party Advisory
https://security.gentoo.org/glsa/202007-54 Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:zlib:zlib:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

Configuration 5 (hide)

OR cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:18c:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.8.0:update144:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update151:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update161:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update161:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update151:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.8.0:update144:*:*:*:*:*:*

Configuration 6 (hide)

OR cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*

Configuration 7 (hide)

OR cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Configuration 8 (hide)

OR cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*

History

22 Jun 2022, 17:18

Type Values Removed Values Added
CWE CWE-189 NVD-CWE-noinfo
First Time Redhat enterprise Linux Workstation
Oracle jre
Oracle database Server
Apple tvos
Oracle jdk
Redhat enterprise Linux Server
Zlib zlib
Canonical
Netapp
Netapp snapcenter
Debian debian Linux
Apple watchos
Redhat enterprise Linux Desktop
Redhat enterprise Linux Eus
Oracle mysql
Apple iphone Os
Redhat
Debian
Apple
Redhat satellite
Canonical ubuntu Linux
Netapp oncommand Workflow Automation
Apple mac Os X
Netapp oncommand Insight
Zlib
Oracle
Netapp active Iq Unified Manager
CPE cpe:2.3:a:gnu:zlib:1.2.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:jre:1.6.0:update161:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update151:*:*:*:*:*:*
cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:18c:*:*:*:*:*:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*
cpe:2.3:a:zlib:zlib:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update161:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.8.0:update144:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update151:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.8.0:update144:*:*:*:*:*:*
cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
References (MLIST) https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html - (MLIST) https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html - Mailing List, Third Party Advisory
References (REDHAT) https://access.redhat.com/errata/RHSA-2017:1221 - (REDHAT) https://access.redhat.com/errata/RHSA-2017:1221 - Third Party Advisory
References (CONFIRM) https://bugzilla.redhat.com/show_bug.cgi?id=1402351 - Issue Tracking, Patch (CONFIRM) https://bugzilla.redhat.com/show_bug.cgi?id=1402351 - Issue Tracking, Patch, Third Party Advisory
References (CONFIRM) http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html - (CONFIRM) http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html - Patch, Third Party Advisory
References (REDHAT) https://access.redhat.com/errata/RHSA-2017:1222 - (REDHAT) https://access.redhat.com/errata/RHSA-2017:1222 - Third Party Advisory
References (CONFIRM) https://support.apple.com/HT208113 - (CONFIRM) https://support.apple.com/HT208113 - Third Party Advisory
References (MLIST) http://www.openwall.com/lists/oss-security/2016/12/05/21 - Patch, Third Party Advisory, VDB Entry (MLIST) http://www.openwall.com/lists/oss-security/2016/12/05/21 - Mailing List, Patch, Third Party Advisory, VDB Entry
References (CONFIRM) https://security.netapp.com/advisory/ntap-20181018-0002/ - (CONFIRM) https://security.netapp.com/advisory/ntap-20181018-0002/ - Third Party Advisory
References (SECTRACK) http://www.securitytracker.com/id/1039427 - (SECTRACK) http://www.securitytracker.com/id/1039427 - Third Party Advisory, VDB Entry
References (CONFIRM) http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html - (CONFIRM) http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html - Patch, Third Party Advisory
References (SECTRACK) http://www.securitytracker.com/id/1041888 - (SECTRACK) http://www.securitytracker.com/id/1041888 - Third Party Advisory, VDB Entry
References (REDHAT) https://access.redhat.com/errata/RHSA-2017:2999 - (REDHAT) https://access.redhat.com/errata/RHSA-2017:2999 - Third Party Advisory
References (REDHAT) https://access.redhat.com/errata/RHSA-2017:3453 - (REDHAT) https://access.redhat.com/errata/RHSA-2017:3453 - Third Party Advisory
References (MLIST) https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html - (MLIST) https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html - Mailing List, Third Party Advisory
References (CONFIRM) https://support.apple.com/HT208115 - (CONFIRM) https://support.apple.com/HT208115 - Third Party Advisory
References (CONFIRM) https://support.apple.com/HT208112 - (CONFIRM) https://support.apple.com/HT208112 - Third Party Advisory
References (SUSE) http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html - Third Party Advisory (SUSE) http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html - Mailing List, Third Party Advisory
References (SUSE) http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html - Third Party Advisory (SUSE) http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html - Mailing List, Third Party Advisory
References (UBUNTU) https://usn.ubuntu.com/4292-1/ - (UBUNTU) https://usn.ubuntu.com/4292-1/ - Third Party Advisory
References (REDHAT) https://access.redhat.com/errata/RHSA-2017:3047 - (REDHAT) https://access.redhat.com/errata/RHSA-2017:3047 - Third Party Advisory
References (CONFIRM) https://support.apple.com/HT208144 - (CONFIRM) https://support.apple.com/HT208144 - Third Party Advisory
References (REDHAT) https://access.redhat.com/errata/RHSA-2017:1220 - (REDHAT) https://access.redhat.com/errata/RHSA-2017:1220 - Third Party Advisory
References (REDHAT) https://access.redhat.com/errata/RHSA-2017:3046 - (REDHAT) https://access.redhat.com/errata/RHSA-2017:3046 - Third Party Advisory
References (GENTOO) https://security.gentoo.org/glsa/202007-54 - (GENTOO) https://security.gentoo.org/glsa/202007-54 - Third Party Advisory
References (CONFIRM) http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html - (CONFIRM) http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html - Patch, Third Party Advisory
References (MISC) https://www.oracle.com/security-alerts/cpujul2020.html - (MISC) https://www.oracle.com/security-alerts/cpujul2020.html - Third Party Advisory
References (UBUNTU) https://usn.ubuntu.com/4246-1/ - (UBUNTU) https://usn.ubuntu.com/4246-1/ - Third Party Advisory
References (CONFIRM) https://github.com/madler/zlib/commit/d1d577490c15a0c6862473d7576352a9f18ef811 - Patch, Vendor Advisory (CONFIRM) https://github.com/madler/zlib/commit/d1d577490c15a0c6862473d7576352a9f18ef811 - Patch, Third Party Advisory
References (SUSE) http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html - Third Party Advisory (SUSE) http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html - Mailing List, Third Party Advisory

Information

Published : 2017-05-23 04:29

Updated : 2022-06-22 17:18


NVD link : CVE-2016-9843

Mitre link : CVE-2016-9843


JSON object : View

Products Affected

redhat

  • enterprise_linux_eus
  • enterprise_linux_workstation
  • satellite
  • enterprise_linux_server
  • enterprise_linux_desktop

netapp

  • oncommand_workflow_automation
  • active_iq_unified_manager
  • snapcenter
  • oncommand_insight

apple

  • watchos
  • iphone_os
  • tvos
  • mac_os_x

debian

  • debian_linux

oracle

  • jre
  • mysql
  • jdk
  • database_server

opensuse

  • opensuse
  • leap

canonical

  • ubuntu_linux

zlib

  • zlib