参照: Official ubuntu advisory, NVD, CVE.org · CVE 詳細
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2016-8596 medium priority: Ubuntu including 1 source packages (libcsp), 23 status rows across 23 suites (artful, bionic, cosmic, disco, eoan, focal, groovy, hirsute, impish, jammy, kinetic, lunar, mantic, noble, oracular, plucky, precise, questing, trusty, upstream, xenial, yakkety, zesty): DNE 16, ignored 4, needed 2, needs-triage 1.
Buffer overflow in the csp_can_process_frame in csp_if_can.c in the libcsp library v1.4 and earlier allows hostile components connected to the canbus to execute arbitrary code via a long csp packet.