CVE-2016-9957

NONE EPSS 77.5%
Published Apr 12, 20179y ago · Modified Jun 17, 20262w ago
Find Similar
Published Apr 12, 2017 9y ago
Last Modified Jun 17, 2026 2w ago

Description

Stack-based buffer overflow in game-music-emu before 0.6.1.

Threat Intelligence

EPSS Exploit Probability
77.5% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses 1

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer Memory Safety

Affected Products 9

VendorProductVersionRange
opensuseleap42.2any
opensuseopensuse12.1any
opensuse_projectleap42.1any
suselinux_enterprise12.0any
suselinux_enterprise_desktop12any
suselinux_enterprise_software_development_kit12any
suselinux_enterprise_workstation_extension12any
susesuse_linux_enterprise_server12any
game-music-emu_projectgame-music-emu* ≤0.6.0

References 11

  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00090.html
    Third Party Advisory
  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00005.html
    Third Party Advisory
  • openwall.com http://www.openwall.com/lists/oss-security/2016/12/15/11
    Mailing ListThird Party Advisory
  • securityfocus.com http://www.securityfocus.com/bid/95305
    Third Party AdvisoryVDB Entry
  • bitbucket.org https://bitbucket.org/mpyne/game-music-emu/wiki/Home
    Patch
  • lists.fedoraproject.org https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6LKMKVYS7AVB2EXC463FUYN6C6FABHME/
  • lists.fedoraproject.org https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7Z2OVERYM6NW3FGVGTJUNSL5ZNFSH2S/
  • lists.fedoraproject.org https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GGHAQI5Q2XDSPGRRKPJJM3A73VWAFSFL/
  • lists.fedoraproject.org https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QHFKIFSFIDXOKFUKAH2MBNXDTY6DYBF6/
  • scarybeastsecurity.blogspot.in https://scarybeastsecurity.blogspot.in/2016/12/redux-compromising-linux-using-snes.html
    ExploitTechnical DescriptionThird Party Advisory
  • security.gentoo.org https://security.gentoo.org/glsa/201707-02

Remediation

  • bitbucket.org https://bitbucket.org/mpyne/game-music-emu/wiki/Home
    Patch