CVE-2016-4973: Buffer Overflow
First published: Thu Apr 07 2016(Updated: )
Binaries compiled against targets that use the libssp library in GCC for stack smashing protection (SSP) might allow local users to perform buffer overflow attacks by leveraging lack of the Object Size Checking feature.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Gnu Libssp |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.openwall.com/lists/oss-security/2016/08/17/6
- http://www.securityfocus.com/bid/92530
- https://bugzilla.redhat.com/show_bug.cgi?id=1324759
- https://gcc.gnu.org/bugzilla/show_bug.cgi?id=50460
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=1144750&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=1144750&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=1144751&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=1144751&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=1145808&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=1145808&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1324759#c4
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1324759#c6
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1324759#c8
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1324759#c9
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1324759#c10
- http://gcc.gnu.org/PR69383
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1324759#c11
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1324759#c13
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1324759#c15
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=1165477&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=1165477&action=edit
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/description
- agent/type
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/tags
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2016-4973
- vendor/gnu
- canonical/gnu libssp