What is CVE-2016-9039?

CVE-2016-9039 is a medium-severity vulnerability in Joyent Smartos, classified under Uncontrolled Resource Consumption. CVSS score: 6.2/10. Published 2017-01-31.

How severe is CVE-2016-9039?

Medium severity. CVSS v3 base score is 6.2 out of 10.

Resource exhaustion in Joyent Smartos

CVE-2016-9039

An exploitable denial of service exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES. An attacker can cause a buffer to be allocate…

Vulnerability class: DoS (Denial of Service)

EPSS: 0.001 (22.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.2 (Medium). Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Joyent Smartos — versions OS 20161110T013148Z, 20161110t013148z

Weakness classification (CWE)

CWE-400 — Uncontrolled Resource Consumption

References

talos-cna@cisco.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)
talos-cna@cisco.com (Technical Description, Exploit, VDB Entry, Third Party Advisory, x_refsource_MISC)

Frequently asked questions

What is CVE-2016-9039?: CVE-2016-9039 is a medium-severity vulnerability in Joyent Smartos, classified under Uncontrolled Resource Consumption. CVSS score: 6.2/10. Published 2017-01-31.
How severe is CVE-2016-9039?: Medium severity. CVSS v3 base score is 6.2 out of 10.