CVE-2016-9040

An exploitable denial of service exists in the the Joyent SmartOS OS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFSADDENTRIES when used with a 32 bit model. An attacker can cause a buffer to be allocated and never freed. When repeatedly exploit this will result in memory exhaustion, resulting in a full system denial of service.
References
Link Resource
https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0258 Exploit Technical Description Third Party Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0258 Exploit Technical Description Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:o:joyent:smartos:20161110t013148z:*:*:*:*:*:*:*

History

21 Nov 2024, 03:00

Type Values Removed Values Added
References () https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0258 - Exploit, Technical Description, Third Party Advisory () https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0258 - Exploit, Technical Description, Third Party Advisory

Information

Published : 2018-09-07 12:29

Updated : 2024-11-21 03:00


NVD link : CVE-2016-9040

Mitre link : CVE-2016-9040

CVE.ORG link : CVE-2016-9040


JSON object : View

Products Affected

joyent

  • smartos
CWE
CWE-400

Uncontrolled Resource Consumption