Search for vulnerabilities
Vulnerability details: VCID-nfvf-9bnx-aaap
Vulnerability ID VCID-nfvf-9bnx-aaap
Aliases CVE-2017-16359
Summary In radare 2.0.1, a pointer wraparound vulnerability exists in store_versioninfo_gnu_verdef() in libr/bin/format/elf/elf.c.
Status Published
Exploitability 0.5
Weighted Severity 5.0
Risk 2.5
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-476 NULL Pointer Dereference
System Score Found at
generic_textual Untriaged http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-16359.html
epss 0.00152 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00152 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00152 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00152 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00159 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00159 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00159 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00159 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00159 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00159 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00159 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00159 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00159 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00159 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00159 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00159 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2017-16359
generic_textual Untriaged https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16359
generic_textual Untriaged https://github.com/radare/radare2/commit/62e39f34b2705131a2d08aff0c2e542c6a52cf0e
generic_textual Untriaged https://github.com/radare/radare2/commit/d21e91f075a7a7a8ed23baa5c1bb1fac48313882
generic_textual Untriaged https://github.com/radare/radare2/commit/fbaf24bce7ea4211e4608b3ab6c1b45702cb243d
generic_textual Untriaged https://github.com/radare/radare2/issues/8764
cvssv2 4.3 https://nvd.nist.gov/vuln/detail/CVE-2017-16359
cvssv3 5.5 https://nvd.nist.gov/vuln/detail/CVE-2017-16359
Reference id Reference type URL
http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-16359.html
https://api.first.org/data/v1/epss?cve=CVE-2017-16359
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16359
https://github.com/radare/radare2/commit/62e39f34b2705131a2d08aff0c2e542c6a52cf0e
https://github.com/radare/radare2/commit/d21e91f075a7a7a8ed23baa5c1bb1fac48313882
https://github.com/radare/radare2/commit/fbaf24bce7ea4211e4608b3ab6c1b45702cb243d
https://github.com/radare/radare2/issues/8764
880616 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880616
cpe:2.3:a:radare:radare2:2.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.0.1:*:*:*:*:*:*:*
CVE-2017-16359 https://nvd.nist.gov/vuln/detail/CVE-2017-16359
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2017-16359
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2017-16359
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.51884
EPSS Score 0.00152
Published At Dec. 17, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.