ubuntu · CVE-2016-8596

Quick triage

Priority: medium Published: 2016-10-28 15:59:00 UTC Updated: 2025-08-26 11:56:14 UTC

View at Official ubuntu advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2016-8596 medium priority: Ubuntu including 1 source packages (libcsp), 23 status rows across 23 suites (artful, bionic, cosmic, disco, eoan, focal, groovy, hirsute, impish, jammy, kinetic, lunar, mantic, noble, oracular, plucky, precise, questing, trusty, upstream, xenial, yakkety, zesty): DNE 16, ignored 4, needed 2, needs-triage 1.

Description:

Buffer overflow in the csp_can_process_frame in csp_if_can.c in the libcsp library v1.4 and earlier allows hostile components connected to the canbus to execute arbitrary code via a long csp packet.

cvelogic Threat Intelligence