CVE-2016-9040
First published: Fri Sep 07 2018(Updated: )
An exploitable denial of service exists in the the Joyent SmartOS OS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFSADDENTRIES when used with a 32 bit model. An attacker can cause a buffer to be allocated and never freed. When repeatedly exploit this will result in memory exhaustion, resulting in a full system denial of service.
Credit: talos-cna@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Joyent SmartOS | =20161110t013148z |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2016-9040?
CVE-2016-9040 is a vulnerability that allows for a denial of service attack in the Joyent SmartOS OS 20161110T013148Z Hyprlofs file system.
What is the severity of CVE-2016-9040?
The severity of CVE-2016-9040 is rated medium with a severity value of 5.5.
How does CVE-2016-9040 impact Joyent SmartOS OS?
CVE-2016-9040 allows an attacker to cause a denial of service on the Joyent SmartOS OS 20161110T013148Z Hyprlofs file system.
How can I fix the CVE-2016-9040 vulnerability?
To fix the CVE-2016-9040 vulnerability, it is recommended to apply the necessary security patches or updates provided by Joyent.
Where can I find more information about CVE-2016-9040?
You can find more information about CVE-2016-9040 at the following link: [https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0258](https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0258).
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/joyent
- canonical/joyent smartos
- version/joyent smartos/20161110t013148z