MidnightBSD

Advisories for bdwgc_project

CVE-2016-9427 HIGH

Integer overflow vulnerability in bdwgc before 2016-09-27 allows attackers to cause client of bdwgc denial of service (heap buffer overflow crash) and possibly execute arbitrary code via huge allocation.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,CWE-190,

Products Affected

Vendor Product Version
bdwgc_project bdwgc *
opensuse opensuse 13.2
opensuse leap 42.2
debian debian_linux 9.0
opensuse leap 42.1