// For flags

CVE-2016-9035

 

Severity Score

7.0
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when dealing with native file systems. An attacker can craft an input that can cause a buffer overflow in the path variable leading to an out of bounds memory access and could result in potential privilege escalation. This vulnerability is distinct from CVE-2016-9033.

Existe un desbordamiento de búfer explotable en el sistema de archivo Joyent SmartOS 20161110T013148Z Hyprlofs. La vulnerabilidad está presente en el sistema de llamada loctl con el comando HYPRLOFS_ADD_ENTRIES cuando trabaja con sistemas de archivo nativos. Un atacante puede manipular una entrada que puede causar un desbordamiento de búfer en la variable path tratando con un acceso a memoria fuera de límites y puede resultar en una potencial escalada de privilegios. Esta vulnerabilidad es distinta de CVE-2016-9033.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Medium
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2016-10-26 CVE Reserved
  • 2016-12-14 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-08-06 CVE Updated
  • 2024-08-06 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Joyent
Search vendor "Joyent"
Smartos
Search vendor "Joyent" for product "Smartos"
20161110t013148z
Search vendor "Joyent" for product "Smartos" and version "20161110t013148z"
-
Affected