Launchpad CVE tracker

CVE 2016-6261

The idna_to_ascii_4i function in lib/idna.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via 64 bytes of input.

Related bugs and status

CVE-2016-6261 (Candidate) is related to these bugs:

Bug #1773363: glibc tst-preadvwritev2 and tst-preadvwritev64v2 fail with Linux 4.16+

		In	Importance	Status
1773363	glibc tst-preadvwritev2 and tst-preadvwritev64v2 fail with Linux 4.16+	glibc (Ubuntu)	Undecided	Confirmed
1773363	glibc tst-preadvwritev2 and tst-preadvwritev64v2 fail with Linux 4.16+	GLibC	Medium	Fix Released
1773363	glibc tst-preadvwritev2 and tst-preadvwritev64v2 fail with Linux 4.16+	glibc (Ubuntu Bionic)	Undecided	Confirmed
1773363	glibc tst-preadvwritev2 and tst-preadvwritev64v2 fail with Linux 4.16+	glibc (Ubuntu Cosmic)	Undecided	Won't Fix
1773363	glibc tst-preadvwritev2 and tst-preadvwritev64v2 fail with Linux 4.16+	linux (Ubuntu)	Medium	Confirmed
1773363	glibc tst-preadvwritev2 and tst-preadvwritev64v2 fail with Linux 4.16+	linux (Ubuntu Bionic)	Undecided	Confirmed
1773363	glibc tst-preadvwritev2 and tst-preadvwritev64v2 fail with Linux 4.16+	linux (Ubuntu Cosmic)	Undecided	Won't Fix

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2016-6261

References