GNU libiberty CVE-2016-2226 Buffer Overflow Vulnerability

GNU libiberty is prone to a buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it into an insufficiently sized buffer.

Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in denial-of-service conditions.


Bugtraq ID: 90103
Class: Unknown
CVE: CVE-2016-2226

Remote: Yes
Local: No
Published: May 04 2016 12:00AM
Updated: Jul 26 2017 07:08PM
Credit: Marcel Böhme
Vulnerable: Ubuntu Ubuntu Linux 17.04
Ubuntu Ubuntu Linux 16.04 LTS
Ubuntu Ubuntu Linux 14.04 LTS
GNU libiberty 0

Not Vulnerable:


The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.

Related Posts