Low
Canonical Ubuntu
It was discovered that zlib incorrectly handled pointer arithmetic. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-9840, CVE-2016-9841)
It was discovered that zlib incorrectly handled vectors involving left shifts of negative integers. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-9842)
It was discovered that zlib incorrectly handled vectors involving big-endian CRC calculation. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-9843)
CVEs contained in this USN include: CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843.
Severity is low unless otherwise noted.
Users of affected products are strongly encouraged to follow the mitigations below. The Cloud Foundry project recommends upgrading the following releases:
2020-01-22: Initial vulnerability report published.
CPE | Name | Operator | Version |
---|---|---|---|
xenial stemcells | lt | 621.55 | |
xenial stemcells | lt | 456.96 | |
xenial stemcells | lt | 315.167 | |
xenial stemcells | lt | 250.181 | |
xenial stemcells | lt | 170.201 | |
xenial stemcells | lt | 97.230 |