CVE-2016-2177

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2016-2177

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-2177.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2016-2177

Downstream

ALPINE-CVE-2016-2177

BELL-CVE-2016-2177

DEBIAN-CVE-2016-2177

DLA-637-1

DSA-3673-1

RHSA-2016:1940

RHSA-2017:0193

RHSA-2017:0194

RHSA-2017:1658

SUSE-FU-2022:0445-1

SUSE-SU-2016:2387-1

SUSE-SU-2016:2394-1

SUSE-SU-2016:2458-1

SUSE-SU-2016:2468-1

SUSE-SU-2016:2469-1

SUSE-SU-2016:2545-1

SUSE-SU-2017:2699-1

SUSE-SU-2017:2700-1

UBUNTU-CVE-2016-2177

USN-3087-1

USN-3181-1

openSUSE-SU-2024:10271-1

openSUSE-SU-2024:11127-1

Related

Published

2016-06-20T01:59:02.087Z

Modified

2026-03-15T22:22:35.782155Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3srvr.c, sslsess.c, and t1_lib.c.

References

Affected packages

Git / github.com/openssl/openssl

Affected ranges

Type

GIT

Repo

https://github.com/openssl/openssl

Events

Introduced

Last affected

e2885ef548103d332889de78b51be4303ea79938

Introduced

Last affected

888759a1d38197f29de7227876c3b58fbff8549f

Introduced

Last affected

888759a1d38197f29de7227876c3b58fbff8549f

Introduced

Last affected

888759a1d38197f29de7227876c3b58fbff8549f

Introduced

Last affected

888759a1d38197f29de7227876c3b58fbff8549f

Introduced

Last affected

888759a1d38197f29de7227876c3b58fbff8549f

Introduced

Last affected

888759a1d38197f29de7227876c3b58fbff8549f

Introduced

Last affected

888759a1d38197f29de7227876c3b58fbff8549f

Introduced

Last affected

888759a1d38197f29de7227876c3b58fbff8549f

Introduced

Last affected

888759a1d38197f29de7227876c3b58fbff8549f

Introduced

Last affected

888759a1d38197f29de7227876c3b58fbff8549f

Introduced

Last affected

888759a1d38197f29de7227876c3b58fbff8549f

Introduced

Last affected

888759a1d38197f29de7227876c3b58fbff8549f

Introduced

Last affected

888759a1d38197f29de7227876c3b58fbff8549f

Introduced

Last affected

888759a1d38197f29de7227876c3b58fbff8549f

Introduced

Last affected

888759a1d38197f29de7227876c3b58fbff8549f

Introduced

Last affected

888759a1d38197f29de7227876c3b58fbff8549f

Introduced

Last affected

888759a1d38197f29de7227876c3b58fbff8549f

Introduced

Last affected

888759a1d38197f29de7227876c3b58fbff8549f

Introduced

Last affected

888759a1d38197f29de7227876c3b58fbff8549f

Introduced

Last affected

888759a1d38197f29de7227876c3b58fbff8549f

Introduced

Last affected

888759a1d38197f29de7227876c3b58fbff8549f

Introduced

Last affected

e818b74be2170fbe957a07b0da4401c2b694b3b8

Introduced

Last affected

e818b74be2170fbe957a07b0da4401c2b694b3b8

Introduced

Last affected

e818b74be2170fbe957a07b0da4401c2b694b3b8

Introduced

Last affected

e818b74be2170fbe957a07b0da4401c2b694b3b8

Introduced

Last affected

e818b74be2170fbe957a07b0da4401c2b694b3b8

Introduced

Last affected

e818b74be2170fbe957a07b0da4401c2b694b3b8

Introduced

Last affected

e818b74be2170fbe957a07b0da4401c2b694b3b8

Introduced

Last affected

e818b74be2170fbe957a07b0da4401c2b694b3b8

Introduced

Last affected

e818b74be2170fbe957a07b0da4401c2b694b3b8

Introduced

Last affected

e6738d4be8d4ef42f213921351e7e9df79be7d1a

Introduced

Last affected

543e15a3c0139e6026ce194f8c8465fb9a559986

Introduced

Last affected

fe707c3260cb44f5e7d701cf87e1197712ec7d43

Introduced

Last affected

bb67f28a1ea032b8cc338b4a510b2c885d32d876

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1a"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1b"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1c"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1d"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1e"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1f"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1g"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1h"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1i"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1j"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1k"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1l"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1m"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1n"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1o"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1p"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1q"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1r"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1s"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1t"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2a"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2b"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2c"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2d"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2e"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2f"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2g"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2h"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "5"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "6"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "10"
        }
    ]
}

Affected versions

3.*

3.0-PRE-CLANG-FORMAT-WEBKIT

Other

BEFORE_engine

BEN_FIPS_TEST_1

BEN_FIPS_TEST_2

BEN_FIPS_TEST_3

BEN_FIPS_TEST_5

BEN_FIPS_TEST_7

OpenSSL_0_9_1c

OpenSSL_0_9_2b

OpenSSL_0_9_3

OpenSSL_0_9_3a

OpenSSL_0_9_3beta2

OpenSSL_0_9_4

OpenSSL_0_9_5a

OpenSSL_0_9_5a-beta1

OpenSSL_0_9_5a-beta2

OpenSSL_0_9_5beta1

OpenSSL_0_9_5beta2

OpenSSL_0_9_6-beta3

OpenSSL_0_9_7

OpenSSL_0_9_7-beta1

OpenSSL_0_9_7-beta2

OpenSSL_0_9_7-beta3

OpenSSL_0_9_7-beta4

OpenSSL_0_9_7-beta6

OpenSSL_0_9_7a

OpenSSL_0_9_7b

OpenSSL_0_9_7c

OpenSSL_0_9_7e

OpenSSL_1_0_0

OpenSSL_1_0_0-beta1

OpenSSL_1_0_0-beta2

OpenSSL_1_0_0-beta3

OpenSSL_1_0_0-beta4

OpenSSL_1_0_0-beta5

OpenSSL_1_0_0a

OpenSSL_1_0_1

OpenSSL_1_0_1-beta1

OpenSSL_1_0_1-beta2

OpenSSL_1_0_1-beta3

OpenSSL_1_0_1-post-auto-reformat

OpenSSL_1_0_1-post-reformat

OpenSSL_1_0_1-pre-auto-reformat

OpenSSL_1_0_1-pre-reformat

OpenSSL_1_0_1a

OpenSSL_1_0_1b

OpenSSL_1_0_1c

OpenSSL_1_0_1d

OpenSSL_1_0_1e

OpenSSL_1_0_1f

OpenSSL_1_0_1g

OpenSSL_1_0_1h

OpenSSL_1_0_1i

OpenSSL_1_0_1j

OpenSSL_1_0_1k

OpenSSL_1_0_1l

OpenSSL_1_0_1m

OpenSSL_1_0_1n

OpenSSL_1_0_1o

OpenSSL_1_0_1p

OpenSSL_1_0_1q

OpenSSL_1_0_1r

OpenSSL_1_0_1s

OpenSSL_1_0_1t

OpenSSL_1_0_1u

OpenSSL_1_0_2

OpenSSL_1_0_2-beta1

OpenSSL_1_0_2-beta2

OpenSSL_1_0_2-beta3

OpenSSL_1_0_2-post-auto-reformat

OpenSSL_1_0_2-post-reformat

OpenSSL_1_0_2-pre-auto-reformat

OpenSSL_1_0_2-pre-reformat

OpenSSL_1_0_2a

OpenSSL_1_0_2b

OpenSSL_1_0_2c

OpenSSL_1_0_2d

OpenSSL_1_0_2e

OpenSSL_1_0_2f

OpenSSL_1_0_2g

OpenSSL_1_0_2h

OpenSSL_1_0_2i

OpenSSL_1_0_2j

OpenSSL_1_0_2k

OpenSSL_1_0_2l

OpenSSL_1_0_2m

OpenSSL_1_0_2n

OpenSSL_1_0_2o

OpenSSL_1_0_2p

OpenSSL_1_0_2q

OpenSSL_1_0_2r

OpenSSL_1_0_2s

OpenSSL_1_0_2t

OpenSSL_1_0_2u

OpenSSL_1_1_0-pre1

OpenSSL_1_1_0-pre2

OpenSSL_1_1_0-pre3

OpenSSL_1_1_0-pre4

OpenSSL_1_1_0-pre5

OpenSSL_1_1_0-pre6

OpenSSL_1_1_1

OpenSSL_1_1_1-pre1

OpenSSL_1_1_1-pre2

OpenSSL_1_1_1-pre3

OpenSSL_1_1_1-pre4

OpenSSL_1_1_1-pre5

OpenSSL_1_1_1-pre6

OpenSSL_1_1_1-pre7

OpenSSL_1_1_1-pre8

OpenSSL_1_1_1-pre9

master-post-auto-reformat

master-post-reformat

master-pre-auto-reformat

master-pre-reformat

openssl-3.*

openssl-3.0.0

openssl-3.0.0-alpha1

openssl-3.0.0-alpha10

openssl-3.0.0-alpha11

openssl-3.0.0-alpha12

openssl-3.0.0-alpha13

openssl-3.0.0-alpha14

openssl-3.0.0-alpha15

openssl-3.0.0-alpha16

openssl-3.0.0-alpha17

openssl-3.0.0-alpha2

openssl-3.0.0-alpha3

openssl-3.0.0-alpha4

openssl-3.0.0-alpha5

openssl-3.0.0-alpha6

openssl-3.0.0-alpha7

openssl-3.0.0-alpha8

openssl-3.0.0-alpha9

openssl-3.0.0-beta1

openssl-3.0.0-beta2

openssl-3.0.1

openssl-3.0.10

openssl-3.0.11

openssl-3.0.12

openssl-3.0.13

openssl-3.0.14

openssl-3.0.15

openssl-3.0.16

openssl-3.0.17

openssl-3.0.18

openssl-3.0.2

openssl-3.0.3

openssl-3.0.4

openssl-3.0.5

openssl-3.0.6

openssl-3.0.7

openssl-3.0.8

openssl-3.0.9

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-2177.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "10.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "10.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "10.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "11.3"
            }
        ]
    }
]