CVE-2016-9959

CWE-125 — Out-of-bounds Read CWE-787 — Out-of-bounds Write8 documents6 sources

Severity

7.8HIGH

EPSS

0.3%

top 45.58%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Game-music-emu Project Game-music-emu Opensuse Leap Opensuse Opensuse +6 more

Timeline

PublishedApr 12

Latest updateMay 14

Description

game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages9 packages

▶Debiangame-music-emu< 0.6.0-4+3

▶NVDgame-music-emu_project/game-music-emu0.6.0

▶NVDopensuse/leap42.2

▶NVDopensuse/opensuse12.1

▶NVDopensuse_project/leap42.1

Also affects: Linux Enterprise 12.0

Patches

Patch: bitbucket.org ↗Patch: bitbucket.org ↗

🔴Vulnerability Details

GHSA

GHSA-fr5p-jv24-2gw9: game-music-emu before 0↗2022-05-14

▶

CVEList

CVE-2016-9959: game-music-emu before 0↗2017-04-12

▶

OSV

CVE-2016-9959: game-music-emu before 0↗2017-04-12

▶

📋Vendor Advisories

Debian

CVE-2016-9959: game-music-emu - game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-...↗2016

▶

💬Community

Bugzilla

CVE-2016-9957 CVE-2016-9958 CVE-2016-9959 CVE-2016-9960 CVE-2016-9961 game-music-emu: Multiple issues due to incorrect emulation of the SPC700 audio co-processor of SNES↗2016-12-16

▶

Bugzilla

CVE-2016-9957 CVE-2016-9958 CVE-2016-9959 CVE-2016-9960 CVE-2016-9961 game-music-emu: Multiple issues due to incorrect emulation of the SPC700 audio co-processor of SNES [epel-all]↗2016-12-16

▶

Bugzilla

CVE-2016-9957 CVE-2016-9958 CVE-2016-9959 CVE-2016-9960 CVE-2016-9961 game-music-emu: Multiple issues due to incorrect emulation of the SPC700 audio co-processor of SNES [fedora-all]↗2016-12-16

▶