canonical ubuntu-linux CVE-2016-9597 vulnerability in Canonical and Other Products
Published on July 30, 2018

It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not actually include the fix for the issue found in libxml2, making it vulnerable to a Denial of Service attack due to a Stack Overflow. This is a regression CVE for the same issue as CVE-2016-3705.

NVD

Weakness Type

What is a Stack Exhaustion Vulnerability?

The product does not properly control the amount of recursion which takes place, consuming excessive resources, such as allocated memory or the program stack.

CVE-2016-9597 has been classified as a Stack Exhaustion vulnerability or weakness.


Affected Versions

All versions of Red Hat libxml2 are affected by CVE-2016-9597.

Exploit Probability

EPSS: 1.25%
Percentile: 79.08%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.