Vulnerability Details : CVE-2016-7164
The construct function in puff.cpp in Libtorrent 1.1.0 allows remote torrent trackers to cause a denial of service (segmentation fault and crash) via a crafted GZIP response.
Vulnerability category: Memory CorruptionInput validationDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2016-7164
Probability of exploitation activity in the next 30 days: 0.40%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 70 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2016-7164
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST |
7.5
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2016-7164
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-7164
-
http://www.openwall.com/lists/oss-security/2016/09/08/7
oss-security - Re: CVE Request : Libtorrent 1.1.0 inflate_gzip denial of serviceMailing List;Patch;Third Party Advisory
-
http://www.openwall.com/lists/oss-security/2016/09/08/1
oss-security - CVE Request : Libtorrent 1.1.0 inflate_gzip denial of serviceMailing List;Patch;Third Party Advisory
-
http://www.securityfocus.com/bid/92891
Libtorrent CVE-2016-7164 Denial of Service VulnerabilityThird Party Advisory;VDB Entry
-
https://github.com/arvidn/libtorrent/issues/1021
"Segmentation fault" (possible DoS) when parsing compressed data with function "inflate_gzip" · Issue #1021 · arvidn/libtorrent · GitHubIssue Tracking;Patch;Third Party Advisory
-
https://github.com/arvidn/libtorrent/pull/1022
update puff.c for gzip inflation by arvidn · Pull Request #1022 · arvidn/libtorrent · GitHubIssue Tracking;Patch;Third Party Advisory
Products affected by CVE-2016-7164
- cpe:2.3:a:libtorrent:libtorrent:1.1:*:*:*:*:*:*:*