Improper input validation in Illumos
CVE-2016-6560
illumos osnet-incorporation bcopy() and bzero() implementations make signed instead of unsigned comparisons allowing a system crash.
EPSS: 0.005 (65.5th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.6 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H.
Affected products
- Illumos
- Illumos Osnet-incorporation — versions proir to osnet-incorporation@0.5.11,5.11-2016.0.1.15933
Weakness classification (CWE)
References
- cret@cert.org (x_refsource_CONFIRM, Patch, Vendor Advisory)
- cret@cert.org (x_refsource_CONFIRM, Patch, Third Party Advisory)
- cret@cert.org (x_refsource_CONFIRM, Third Party Advisory)
Frequently asked questions
- What is CVE-2016-6560?
- CVE-2016-6560 is a high-severity vulnerability in Illumos, classified under CWE-195. CVSS score: 8.6/10. Published 2017-03-31.
- How severe is CVE-2016-6560?
- High severity. CVSS v3 base score is 8.6 out of 10.