Vulnerability Details : CVE-2016-9843


CVE Name: CVE-2016-9843: Other vulnerability on Zlib Zlib, Opensuse Leap, Opensuse Opensuse, Debian Debian Linux, Canonical Ubuntu Linux, Oracle Mysql, Oracle Database Server, Oracle Jdk, Oracle Jre, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Workstation, Redhat Enterprise Linux Server, Redhat Enterprise Linux Eus, Redhat Satellite, Apple Tvos, Apple Iphone Os, Apple Watchos, Apple Mac Os X, Netapp Snapcenter, Netapp Oncommand Workflow Automation, Netapp Oncommand Insight, Netapp Active Iq Unified Manager, Mariadb Mariadb
Description: The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
Publish date: 2017-05-23T04:29Z
Last Update: 2022-06-27T16:40Z

CVSS Scores & Vulnerability Types


CVSS Score
Confidentiality ImpactHIGH
Integrity ImpactHIGH
Availability ImpactHIGH
Actack VectorNETWORK
Actack ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
ScopeUNCHANGED
Vulnerability Type(s)Other
CWE IDN/I

Detail of Verions Affected


# Product Type Vendor Product Version
1 Application Zlib Zlib *
2 Operating System Opensuse Leap 42.2
3 Operating System Opensuse Leap 42.1
4 Operating System Opensuse Opensuse 13.2
5 Operating System Debian Debian Linux 8.0
6 Operating System Canonical Ubuntu Linux 18.04 Lts
7 Operating System Canonical Ubuntu Linux 16.04 Esm
8 Application Oracle Mysql *
9 Application Oracle Mysql *
10 Application Oracle Mysql *
11 Application Oracle Mysql *
12 Application Oracle Database Server 18C
13 Application Oracle Jdk 1.8.0 Update144
14 Application Oracle Jdk 1.7.0 Update151
15 Application Oracle Jdk 1.6.0 Update161
16 Application Oracle Jre 1.6.0 Update161
17 Application Oracle Jre 1.8.0 Update144
18 Application Oracle Jre 1.7.0 Update151
19 Operating System Redhat Enterprise Linux Desktop 7.0
20 Operating System Redhat Enterprise Linux Workstation 7.0
21 Operating System Redhat Enterprise Linux Server 7.0
22 Operating System Redhat Enterprise Linux Desktop 6.0
23 Operating System Redhat Enterprise Linux Server 6.0
24 Operating System Redhat Enterprise Linux Workstation 6.0
25 Operating System Redhat Enterprise Linux Eus 7.4
26 Operating System Redhat Enterprise Linux Eus 7.5
27 Application Redhat Satellite 5.8
28 Operating System Apple Tvos *
29 Operating System Apple Iphone Os *
30 Operating System Apple Watchos *
31 Operating System Apple Mac Os X *
32 Application Netapp Snapcenter
33 Application Netapp Oncommand Workflow Automation
34 Application Netapp Oncommand Insight
35 Application Netapp Active Iq Unified Manager * Windows
36 Application Netapp Active Iq Unified Manager * Vmware Vsphere
37 Application Mariadb Mariadb *
38 Application Mariadb Mariadb *
39 Application Mariadb Mariadb *
40 Application Mariadb Mariadb *
41 Application Mariadb Mariadb *

References For CVE-2016-9843


Hyperlink Resource
https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib Third Party Advisory
https://wiki.mozilla.org/images/0/09/Zlib-report.pdf Exploit, Technical Description, Third Party Advisory
https://security.gentoo.org/glsa/201701-56 Third Party Advisory
https://github.com/madler/zlib/commit/d1d577490c15a0c6862473d7576352a9f18ef811 Patch, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1402351 Issue Tracking, Patch, Third Party Advisory
http://www.securityfocus.com/bid/95131 Third Party Advisory, VDB Entry
http://www.openwall.com/lists/oss-security/2016/12/05/21 Mailing List, Patch, Third Party Advisory, VDB Entry
http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html Mailing List, Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html Mailing List, Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html Mailing List, Third Party Advisory
http://www.securitytracker.com/id/1039427 Third Party Advisory, VDB Entry
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html Patch, Third Party Advisory
https://support.apple.com/HT208144 Third Party Advisory
https://support.apple.com/HT208115 Third Party Advisory
https://support.apple.com/HT208113 Third Party Advisory
https://support.apple.com/HT208112 Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3047 Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3046 Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3453 Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2999 Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1222 Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1221 Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1220 Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html Patch, Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html Patch, Third Party Advisory
http://www.securitytracker.com/id/1041888 Third Party Advisory, VDB Entry
https://security.netapp.com/advisory/ntap-20181018-0002/ Third Party Advisory
https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html Mailing List, Third Party Advisory
https://usn.ubuntu.com/4246-1/ Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html Mailing List, Third Party Advisory
https://usn.ubuntu.com/4292-1/ Third Party Advisory
https://www.oracle.com/security-alerts/cpujul2020.html Third Party Advisory
https://security.gentoo.org/glsa/202007-54 Third Party Advisory