CVE-2016-10253

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2016-10253
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-10253.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2016-10253
Downstream
Related
Published
2017-03-18T20:59:00.127Z
Modified
2026-04-10T03:47:22.170694Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

An issue was discovered in Erlang/OTP 18.x. Erlang's generation of compiled regular expressions is vulnerable to a heap overflow. Regular expressions using a malformed extpattern can indirectly specify an offset that is used as an array index. This ordinal permits arbitrary regions within the erts_alloc arena to be both read and written to.

References

Affected packages

Git / github.com/erlang/otp

Affected ranges

Type
GIT
Repo
https://github.com/erlang/otp
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
74a95b3d511177a9b35c2b0272b9ca5511b6f750
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
bf3b377220f2531b9b101f32222067beb3ea750b
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
6a3e878126da1e8d75c704510c7a7339ff306138
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
1c14bf099be15790ccbe56f464e81a9557476b3f
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
61828f77ca2542109ece006d730a4f8fe3300616
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
6b4c2dbd1b4a30f421611987acec6315c62ac9d5
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
1523be48ab4071b158412f4b06fe9c8d6ba3e73c
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
a2c538dee3013bb6285027d9ae45b7f055e8e8eb
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
3c799a7ee5ee26f643c7ffad79c81d6156f3dac6
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
fe1df7fc6bf050cb6c9bbd99eb9393c426b62f67
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
9dd0c95d56ec33bde9668bb47668aa27981ea18d
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
c24a4bf84029d06cc79f49634684cd6d2eeafb62
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
b855206a1a7788216717ca272f44e9beb1f58e7c
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
21d6192389a04024f7a41ced9d0911a9cce6f4e8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
7cf9a621c5280a3e97967c4c63ab6ca1adde69c3
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
d96471b3f404f7341279d8598dd74d92fb1a923c
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
d646221c59fbf57d5beac913248b46f5dbebfbe7
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
c0540f1b946d699afbe496ab7c481d88eb9ae78b
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
5e1b5ef47f3f2b898d30e0425823835bd9a574d4
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
afe72bfc1448ff426c38eceb7412f69e973aef62
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
fea24ae8d37b33e97ef1897d0d3b6cdb2338c051
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
1ab69efa960703b86a13ea6ba96f4fd56f1565f9
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
53e7743216647d810d529e397bd3ea7278c6047c
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
5cf780148575f1ea4c460d7c9783831e6fbce9ff
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
f5ef4087331c0181fd154dcaa372a05e6f8bd408
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e7966ef5cb0c2337a674d8cdca7c89802fa01bf6
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
7518684155aaabdde97c7b624803523c045bc185
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
79ea550fdf9ebd02c1932728dac509cd0d520a7c
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
3b7a6ffddc819bf305353a593904cea9e932e7dc
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
f68a3780fbcc836c7036b55db5ee1d0447213c8f
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
2c9dba638a8bda92e3db2d5c07e6ba251330c7ca
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
0573efbc18fc20f8646cf3ff64d2affd06e03cb8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
b490fb8664ec6e5ceaadc1c74350dc666f5406d2
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
020d38d4c9062f255b52eeb35542152c7cff1598
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
19db7510939149206017c925032d390da9a83fe9
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
71894a879d6254693791585246ce340dd7414b82
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
226a754d1f4babb262b2a15569b174921f97ad86
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
33b39b559a31c38465dfc038218f432c9c60a9ad
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e6059f94571a6c968c15b9de6b7d63ebd64f9acf
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
310b00b7fc18b5883f5f2cb1b992deb1dd6c9a65
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
7a5356d99d8f01572b67305cc9a86446fad351e3
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
a59807ef9a6a8af6eb6f13976eb405ddb9baad6c
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
c1c2149818396bdefe9eff995184f8864f18fca3
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
926391fbb8761d5833b3a6f5c9e523fcda373c6d
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
2b41d8f318b7e5ec139d42fd2f01a132699be839
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
6ceb840258a6faf74f63b481198ae4bf9399f2d0
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
3473ecd83a7bbe7e0bebb865f25dddb93e3bf10f
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
bca5bf5a2d68a0e9ca681363a8943809c4751950
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
51faafa9a20c4afa7944b8089b26f22c774bed19
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
aa315e1cf1b79ab782e5b4c944595495ebf4e2f4
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
677cbdffef317aaff00f1ef7eda0e28bd88fbb96
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
a748cafdc7063d9f181ba12088db6458793ced2f
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
d25ad84195ca42969fbfb017a52aab8c8effc246
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
6acb7d6fb8d23c0b0b78d30a618d2636ad463e6e
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
0298a195873c606ac885d37f54a098eca3d7905a
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
f954cdea9b67369185094a3aea7cb611dd680b3c
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
87bca557898bea79dbd53d59b21f6e7384e3a25d
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
da06fd040775fffee17409ebbd6fa797e34d6f99
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
8d9cde83b628533ae7a5fe85a5dd9c6c00c084e3
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
0c0d7899f869eae275a9dd2677791f34bbd25bfe
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
2cc46961352aded5c84ecb9bcb32581461dbc047
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e64a1f429ec5f7534e0201fed42967aeb1aae8d8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
2e7160f3c28d495a8b798c5f8b484b1b977cee8e
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
33521da61673b890bcd05eda02f38fea1fe58a30
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
bf70d8de7a6c52cb3ba51ae3e5506d8fc31bbc69
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
90edf69ba7acbfaa55a709fa115ce8bb782b9dc9
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
3d0c4930775cf2ab304d5e4701b41ffc2936ce53
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "18.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "18.0-rc1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "18.0-rc2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "18.0.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "18.0.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "18.0.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "18.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "18.1.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "18.1.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "18.1.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "18.1.4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "18.1.5"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "18.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "18.2.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "18.2.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "18.2.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "18.2.4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "18.2.4.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "18.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "18.3.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "18.3.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "18.3.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "18.3.4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "18.3.4.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "18.3.4.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "18.3.4.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "18.3.4.4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "18.3.4.5"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.0-rc1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.0-rc2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.0.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.0.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.0.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.0.4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.0.5"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.0.6"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.0.7"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.1.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.1.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.1.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.1.4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.1.5"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.1.6"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.1.6.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.2.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.2.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.2.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.2.3.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.3.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.3.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.3.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.3.4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.3.5"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.3.6"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.3.6.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.3.6.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.3.6.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.3.6.4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.3.6.5"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.3.6.6"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.3.6.7"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.3.6.8"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "19.3.6.9"
        }
    ]
}

Affected versions

OTP-17.*
OTP-17.0
OTP-18.*
OTP-18.0
OTP-18.0-rc1
OTP-18.0-rc2
OTP-18.0.1
OTP-18.0.2
OTP-18.0.3
OTP-18.1
OTP-18.1.1
OTP-18.1.2
OTP-18.1.3
OTP-18.1.4
OTP-18.1.5
OTP-18.2
OTP-18.2.1
OTP-18.2.2
OTP-18.2.3
OTP-18.2.4
OTP-18.2.4.1
OTP-18.3
OTP-18.3.1
OTP-18.3.2
OTP-18.3.3
OTP-18.3.4
OTP-18.3.4.1
OTP-18.3.4.2
OTP-18.3.4.3
OTP-18.3.4.4
OTP-18.3.4.5
OTP-19.*
OTP-19.0
OTP-19.0-rc1
OTP-19.0-rc2
OTP-19.0.1
OTP-19.0.2
OTP-19.0.3
OTP-19.0.4
OTP-19.0.5
OTP-19.0.6
OTP-19.0.7
OTP-19.1
OTP-19.1.1
OTP-19.1.2
OTP-19.1.3
OTP-19.1.4
OTP-19.1.5
OTP-19.1.6
OTP-19.1.6.1
OTP-19.2
OTP-19.2.1
OTP-19.2.2
OTP-19.2.3
OTP-19.2.3.1
OTP-19.3
OTP-19.3.1
OTP-19.3.2
OTP-19.3.3
OTP-19.3.4
OTP-19.3.5
OTP-19.3.6
OTP-19.3.6.1
OTP-19.3.6.2
OTP-19.3.6.3
OTP-19.3.6.4
OTP-19.3.6.5
OTP-19.3.6.6
OTP-19.3.6.7
OTP-19.3.6.8
OTP-19.3.6.9
OTP_17.*
OTP_17.0-rc1
OTP_17.0-rc2
Other
OTP_R13B03
OTP_R13B04
OTP_R14A
OTP_R14B
OTP_R14B01
OTP_R14B02
OTP_R14B03
OTP_R15A
OTP_R15B
OTP_R16A_RELEASE_CANDIDATE
OTP_R16B

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-10253.json"