suse · CVE-2016-10196

Quick triage

Priority: medium 公開: 2021-05-30 13:49:18 UTC Updated: 2026-04-18 15:51:17 UTC

参照: Official suse advisory, NVD, CVE.org · CVE 詳細

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2016-10196 severity moderate: SUSE including 48 source package names (MozillaFirefox-52.2.0esr-108.3, MozillaFirefox-52.2.0esr-72.5.2, …), 161 product×package rows across 31 product lines (SUSE Liberty Linux 7, SUSE Linux Enterprise Desktop 12 SP2, … (31 product lines)): Fixed 137, Known Not Affected 24.

Description:

Stack-based buffer overflow in the evutil_parse_sockaddr_port function in evutil.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (segmentation fault) via vectors involving a long string in brackets in the ip_as_string argument.

cvelogic Threat Intelligence