CVE-2016-9039

CVSS 6.2 MEDIUMEPSS 0.5%

An exploitable denial of service exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES. An attacker can cause a buffer to be allocated and never freed. When repeatedly exploited this will result in memory exhaustion, resulting in a full system denial of service.

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Produtos afetados

Joyent · SmartOS

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://www.securityfocus.com/bid/95916 http://www.talosintelligence.com/reports/TALOS-2016-0257/