Vulnerability Details : CVE-2016-0746
Use-after-free vulnerability in the resolver in nginx 0.6.18 through 1.8.0 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (worker process crash) or possibly have unspecified other impact via a crafted DNS response related to CNAME response processing.
Vulnerability category: Memory CorruptionDenial of service
Products affected by CVE-2016-0746
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*
- cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
- cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-0746
4.47%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 91 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-0746
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST | |
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2016-0746
-
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-0746
-
http://seclists.org/fulldisclosure/2021/Sep/36
Full Disclosure: APPLE-SA-2021-09-20-4 Xcode 13Mailing List;Third Party Advisory
-
https://bto.bluecoat.com/security-advisory/sa115
SA115 : Multiple nginx DNS resolver vulnerabilitiesThird Party Advisory
-
http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html
nginx security advisory (CVE-2016-0742, CVE-2016-0746, CVE-2016-0747)Vendor Advisory
-
http://www.ubuntu.com/usn/USN-2892-1
USN-2892-1: nginx vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html
openSUSE-SU-2016:0371-1: moderate: Security update for nginxMailing List;Third Party Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=1302588
1302588 – (CVE-2016-0746) CVE-2016-0746 nginx: use-after-free during CNAME response processing in resolverIssue Tracking;Patch;Third Party Advisory
-
https://support.apple.com/kb/HT212818
About the security content of Xcode 13 - Apple SupportThird Party Advisory
-
https://security.gentoo.org/glsa/201606-06
nginx: Multiple vulnerabilities (GLSA 201606-06) — Gentoo securityThird Party Advisory
-
http://www.debian.org/security/2016/dsa-3473
Debian -- Security Information -- DSA-3473-1 nginxThird Party Advisory
-
https://access.redhat.com/errata/RHSA-2016:1425
RHSA-2016:1425 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://www.securitytracker.com/id/1034869
nginx DNS Processing Flaws Let Remote Users Deny Service - SecurityTrackerThird Party Advisory;VDB Entry
Jump to