retired/CVE-2016-8632


1
2
3
4
5
6
7
8
9
10
11
12
13

Description: TIPC subsystem: tipc_msg_build() doesn't validate MTU, may cause memory corruption
References:
 https://www.mail-archive.com/netdev@vger.kernel.org/msg133205.html
Notes:
 bwh> Introduced by commit 067608e9d019d6477fd45dd948e81af0e5bf599f (3.17-rc1)
 bwh> "tipc: introduce direct iovec to buffer chain fragmentation function"
Bugs:
upstream: released (4.9-rc8) [3de81b758853f0b29c61e246679d20b513c4cfec]
3.16-upstream-stable: N/A "Vulnerable code not present"
3.2-upstream-stable: N/A "Vulnerable code not present"
sid: released (4.8.15-1)
3.16-jessie-security: N/A "Vulnerable code not present"
3.2-wheezy-security: N/A "Vulnerable code not present"