CVE-2016-2182

Source
https://nvd.nist.gov/vuln/detail/CVE-2016-2182
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-2182.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2016-2182
Related
Published
2016-09-16T05:59:02Z
Modified
2024-09-18T02:20:58.759411Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

The BNbn2dec function in crypto/bn/bnprint.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors.

References

Affected packages

Alpine:v3.2 / openssl

Package

Name
openssl
Purl
pkg:apk/alpine/openssl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.2h-r3

Affected versions

0.*

0.9.8i-r0
0.9.8j-r0
0.9.8k-r0
0.9.8k-r1
0.9.8k-r2
0.9.8k-r3
0.9.8k-r4
0.9.8k-r5
0.9.8k-r6
0.9.8k-r7
0.9.8l-r0
0.9.8l-r1
0.9.8m-r0
0.9.8n-r0
0.9.8n-r1

1.*

1.0.0-r0
1.0.0a-r0
1.0.0a-r1
1.0.0a-r2
1.0.0a-r3
1.0.0a-r4
1.0.0b-r0
1.0.0c-r0
1.0.0d-r0
1.0.0e-r0
1.0.0f-r0
1.0.0g-r0
1.0.0h-r0
1.0.1-r0
1.0.1a-r0
1.0.1b-r0
1.0.1c-r0
1.0.1c-r1
1.0.1c-r2
1.0.1c-r3
1.0.1d-r0
1.0.1d-r1
1.0.1e-r0
1.0.1e-r1
1.0.1e-r2
1.0.1e-r3
1.0.1e-r4
1.0.1e-r5
1.0.1e-r6
1.0.1e-r7
1.0.1f-r0
1.0.1g-r0
1.0.1g-r1
1.0.1g-r2
1.0.1g-r3
1.0.1h-r0
1.0.1i-r0
1.0.1i-r1
1.0.1i-r2
1.0.1i-r3
1.0.1j-r0
1.0.1k-r0
1.0.1l-r0
1.0.2-r0
1.0.2a-r0
1.0.2a-r1
1.0.2b-r0
1.0.2c-r0
1.0.2d-r0
1.0.2e-r0
1.0.2f-r0
1.0.2g-r0
1.0.2h-r0
1.0.2h-r1
1.0.2h-r2

Alpine:v3.3 / openssl

Package

Name
openssl
Purl
pkg:apk/alpine/openssl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.2h-r3

Affected versions

0.*

0.9.8i-r0
0.9.8j-r0
0.9.8k-r0
0.9.8k-r1
0.9.8k-r2
0.9.8k-r3
0.9.8k-r4
0.9.8k-r5
0.9.8k-r6
0.9.8k-r7
0.9.8l-r0
0.9.8l-r1
0.9.8m-r0
0.9.8n-r0
0.9.8n-r1

1.*

1.0.0-r0
1.0.0a-r0
1.0.0a-r1
1.0.0a-r2
1.0.0a-r3
1.0.0a-r4
1.0.0b-r0
1.0.0c-r0
1.0.0d-r0
1.0.0e-r0
1.0.0f-r0
1.0.0g-r0
1.0.0h-r0
1.0.1-r0
1.0.1a-r0
1.0.1b-r0
1.0.1c-r0
1.0.1c-r1
1.0.1c-r2
1.0.1c-r3
1.0.1d-r0
1.0.1d-r1
1.0.1e-r0
1.0.1e-r1
1.0.1e-r2
1.0.1e-r3
1.0.1e-r4
1.0.1e-r5
1.0.1e-r6
1.0.1e-r7
1.0.1f-r0
1.0.1g-r0
1.0.1g-r1
1.0.1g-r2
1.0.1g-r3
1.0.1h-r0
1.0.1i-r0
1.0.1i-r1
1.0.1i-r2
1.0.1i-r3
1.0.1j-r0
1.0.1k-r0
1.0.1l-r0
1.0.2-r0
1.0.2a-r0
1.0.2a-r1
1.0.2b-r0
1.0.2c-r0
1.0.2d-r0
1.0.2e-r0
1.0.2f-r0
1.0.2g-r0
1.0.2h-r0
1.0.2h-r1
1.0.2h-r2

Alpine:v3.4 / openssl

Package

Name
openssl
Purl
pkg:apk/alpine/openssl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.2h-r3

Affected versions

0.*

0.9.8i-r0
0.9.8j-r0
0.9.8k-r0
0.9.8k-r1
0.9.8k-r2
0.9.8k-r3
0.9.8k-r4
0.9.8k-r5
0.9.8k-r6
0.9.8k-r7
0.9.8l-r0
0.9.8l-r1
0.9.8m-r0
0.9.8n-r0
0.9.8n-r1

1.*

1.0.0-r0
1.0.0a-r0
1.0.0a-r1
1.0.0a-r2
1.0.0a-r3
1.0.0a-r4
1.0.0b-r0
1.0.0c-r0
1.0.0d-r0
1.0.0e-r0
1.0.0f-r0
1.0.0g-r0
1.0.0h-r0
1.0.1-r0
1.0.1a-r0
1.0.1b-r0
1.0.1c-r0
1.0.1c-r1
1.0.1c-r2
1.0.1c-r3
1.0.1d-r0
1.0.1d-r1
1.0.1e-r0
1.0.1e-r1
1.0.1e-r2
1.0.1e-r3
1.0.1e-r4
1.0.1e-r5
1.0.1e-r6
1.0.1e-r7
1.0.1f-r0
1.0.1g-r0
1.0.1g-r1
1.0.1g-r2
1.0.1g-r3
1.0.1h-r0
1.0.1i-r0
1.0.1i-r1
1.0.1i-r2
1.0.1i-r3
1.0.1j-r0
1.0.1k-r0
1.0.1l-r0
1.0.2-r0
1.0.2a-r0
1.0.2a-r1
1.0.2b-r0
1.0.2c-r0
1.0.2d-r0
1.0.2e-r0
1.0.2e-r1
1.0.2f-r0
1.0.2f-r1
1.0.2f-r2
1.0.2g-r0
1.0.2g-r1
1.0.2g-r2
1.0.2g-r3
1.0.2h-r0
1.0.2h-r1
1.0.2h-r2

Alpine:v3.5 / openssl

Package

Name
openssl
Purl
pkg:apk/alpine/openssl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.2h-r3

Affected versions

0.*

0.9.8i-r0
0.9.8j-r0
0.9.8k-r0
0.9.8k-r1
0.9.8k-r2
0.9.8k-r3
0.9.8k-r4
0.9.8k-r5
0.9.8k-r6
0.9.8k-r7
0.9.8l-r0
0.9.8l-r1
0.9.8m-r0
0.9.8n-r0
0.9.8n-r1

1.*

1.0.0-r0
1.0.0a-r0
1.0.0a-r1
1.0.0a-r2
1.0.0a-r3
1.0.0a-r4
1.0.0b-r0
1.0.0c-r0
1.0.0d-r0
1.0.0e-r0
1.0.0f-r0
1.0.0g-r0
1.0.0h-r0
1.0.1-r0
1.0.1a-r0
1.0.1b-r0
1.0.1c-r0
1.0.1c-r1
1.0.1c-r2
1.0.1c-r3
1.0.1d-r0
1.0.1d-r1
1.0.1e-r0
1.0.1e-r1
1.0.1e-r2
1.0.1e-r3
1.0.1e-r4
1.0.1e-r5
1.0.1e-r6
1.0.1e-r7
1.0.1f-r0
1.0.1g-r0
1.0.1g-r1
1.0.1g-r2
1.0.1g-r3
1.0.1h-r0
1.0.1i-r0
1.0.1i-r1
1.0.1i-r2
1.0.1i-r3
1.0.1j-r0
1.0.1k-r0
1.0.1l-r0
1.0.2-r0
1.0.2a-r0
1.0.2a-r1
1.0.2b-r0
1.0.2c-r0
1.0.2d-r0
1.0.2e-r0
1.0.2e-r1
1.0.2f-r0
1.0.2f-r1
1.0.2f-r2
1.0.2g-r0
1.0.2g-r1
1.0.2g-r2
1.0.2g-r3
1.0.2h-r0
1.0.2h-r1
1.0.2h-r2

Alpine:v3.6 / openssl

Package

Name
openssl
Purl
pkg:apk/alpine/openssl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.2h-r3

Affected versions

0.*

0.9.8i-r0
0.9.8j-r0
0.9.8k-r0
0.9.8k-r1
0.9.8k-r2
0.9.8k-r3
0.9.8k-r4
0.9.8k-r5
0.9.8k-r6
0.9.8k-r7
0.9.8l-r0
0.9.8l-r1
0.9.8m-r0
0.9.8n-r0
0.9.8n-r1

1.*

1.0.0-r0
1.0.0a-r0
1.0.0a-r1
1.0.0a-r2
1.0.0a-r3
1.0.0a-r4
1.0.0b-r0
1.0.0c-r0
1.0.0d-r0
1.0.0e-r0
1.0.0f-r0
1.0.0g-r0
1.0.0h-r0
1.0.1-r0
1.0.1a-r0
1.0.1b-r0
1.0.1c-r0
1.0.1c-r1
1.0.1c-r2
1.0.1c-r3
1.0.1d-r0
1.0.1d-r1
1.0.1e-r0
1.0.1e-r1
1.0.1e-r2
1.0.1e-r3
1.0.1e-r4
1.0.1e-r5
1.0.1e-r6
1.0.1e-r7
1.0.1f-r0
1.0.1g-r0
1.0.1g-r1
1.0.1g-r2
1.0.1g-r3
1.0.1h-r0
1.0.1i-r0
1.0.1i-r1
1.0.1i-r2
1.0.1i-r3
1.0.1j-r0
1.0.1k-r0
1.0.1l-r0
1.0.2-r0
1.0.2a-r0
1.0.2a-r1
1.0.2b-r0
1.0.2c-r0
1.0.2d-r0
1.0.2e-r0
1.0.2e-r1
1.0.2f-r0
1.0.2f-r1
1.0.2f-r2
1.0.2g-r0
1.0.2g-r1
1.0.2g-r2
1.0.2g-r3
1.0.2h-r0
1.0.2h-r1
1.0.2h-r2

Alpine:v3.7 / openssl

Package

Name
openssl
Purl
pkg:apk/alpine/openssl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.2h-r3

Affected versions

0.*

0.9.8i-r0
0.9.8j-r0
0.9.8k-r0
0.9.8k-r1
0.9.8k-r2
0.9.8k-r3
0.9.8k-r4
0.9.8k-r5
0.9.8k-r6
0.9.8k-r7
0.9.8l-r0
0.9.8l-r1
0.9.8m-r0
0.9.8n-r0
0.9.8n-r1

1.*

1.0.0-r0
1.0.0a-r0
1.0.0a-r1
1.0.0a-r2
1.0.0a-r3
1.0.0a-r4
1.0.0b-r0
1.0.0c-r0
1.0.0d-r0
1.0.0e-r0
1.0.0f-r0
1.0.0g-r0
1.0.0h-r0
1.0.1-r0
1.0.1a-r0
1.0.1b-r0
1.0.1c-r0
1.0.1c-r1
1.0.1c-r2
1.0.1c-r3
1.0.1d-r0
1.0.1d-r1
1.0.1e-r0
1.0.1e-r1
1.0.1e-r2
1.0.1e-r3
1.0.1e-r4
1.0.1e-r5
1.0.1e-r6
1.0.1e-r7
1.0.1f-r0
1.0.1g-r0
1.0.1g-r1
1.0.1g-r2
1.0.1g-r3
1.0.1h-r0
1.0.1i-r0
1.0.1i-r1
1.0.1i-r2
1.0.1i-r3
1.0.1j-r0
1.0.1k-r0
1.0.1l-r0
1.0.2-r0
1.0.2a-r0
1.0.2a-r1
1.0.2b-r0
1.0.2c-r0
1.0.2d-r0
1.0.2e-r0
1.0.2e-r1
1.0.2f-r0
1.0.2f-r1
1.0.2f-r2
1.0.2g-r0
1.0.2g-r1
1.0.2g-r2
1.0.2g-r3
1.0.2h-r0
1.0.2h-r1
1.0.2h-r2

Alpine:v3.8 / openssl

Package

Name
openssl
Purl
pkg:apk/alpine/openssl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.2h-r3

Affected versions

0.*

0.9.8i-r0
0.9.8j-r0
0.9.8k-r0
0.9.8k-r1
0.9.8k-r2
0.9.8k-r3
0.9.8k-r4
0.9.8k-r5
0.9.8k-r6
0.9.8k-r7
0.9.8l-r0
0.9.8l-r1
0.9.8m-r0
0.9.8n-r0
0.9.8n-r1

1.*

1.0.0-r0
1.0.0a-r0
1.0.0a-r1
1.0.0a-r2
1.0.0a-r3
1.0.0a-r4
1.0.0b-r0
1.0.0c-r0
1.0.0d-r0
1.0.0e-r0
1.0.0f-r0
1.0.0g-r0
1.0.0h-r0
1.0.1-r0
1.0.1a-r0
1.0.1b-r0
1.0.1c-r0
1.0.1c-r1
1.0.1c-r2
1.0.1c-r3
1.0.1d-r0
1.0.1d-r1
1.0.1e-r0
1.0.1e-r1
1.0.1e-r2
1.0.1e-r3
1.0.1e-r4
1.0.1e-r5
1.0.1e-r6
1.0.1e-r7
1.0.1f-r0
1.0.1g-r0
1.0.1g-r1
1.0.1g-r2
1.0.1g-r3
1.0.1h-r0
1.0.1i-r0
1.0.1i-r1
1.0.1i-r2
1.0.1i-r3
1.0.1j-r0
1.0.1k-r0
1.0.1l-r0
1.0.2-r0
1.0.2a-r0
1.0.2a-r1
1.0.2b-r0
1.0.2c-r0
1.0.2d-r0
1.0.2e-r0
1.0.2e-r1
1.0.2f-r0
1.0.2f-r1
1.0.2f-r2
1.0.2g-r0
1.0.2g-r1
1.0.2g-r2
1.0.2g-r3
1.0.2h-r0
1.0.2h-r1
1.0.2h-r2

Debian:11 / openssl

Package

Name
openssl
Purl
pkg:deb/debian/openssl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.2i-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / openssl

Package

Name
openssl
Purl
pkg:deb/debian/openssl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.2i-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / openssl

Package

Name
openssl
Purl
pkg:deb/debian/openssl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.2i-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/openssl/openssl

Affected ranges

Type
GIT
Repo
https://github.com/openssl/openssl
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Last affected
Last affected

Affected versions

Other

BEFORE_engine
OpenSSL_0_9_1c
OpenSSL_0_9_2b
OpenSSL_0_9_3
OpenSSL_0_9_3a
OpenSSL_0_9_3beta2
OpenSSL_0_9_4
OpenSSL_0_9_5a
OpenSSL_0_9_5a-beta1
OpenSSL_0_9_5a-beta2
OpenSSL_0_9_5beta1
OpenSSL_0_9_5beta2
OpenSSL_0_9_6-beta3
OpenSSL_1_0_0
OpenSSL_1_0_0-beta1
OpenSSL_1_0_0-beta2
OpenSSL_1_0_0-beta3
OpenSSL_1_0_0-beta4
OpenSSL_1_0_0-beta5
OpenSSL_1_0_0a
OpenSSL_1_0_1
OpenSSL_1_0_1-beta1
OpenSSL_1_0_1-beta2
OpenSSL_1_0_1-beta3
OpenSSL_1_0_1-post-auto-reformat
OpenSSL_1_0_1-post-reformat
OpenSSL_1_0_1-pre-auto-reformat
OpenSSL_1_0_1-pre-reformat
OpenSSL_1_0_1a
OpenSSL_1_0_1b
OpenSSL_1_0_1c
OpenSSL_1_0_1d
OpenSSL_1_0_1e
OpenSSL_1_0_1f
OpenSSL_1_0_1g
OpenSSL_1_0_1h
OpenSSL_1_0_1i
OpenSSL_1_0_1j
OpenSSL_1_0_1k
OpenSSL_1_0_1l
OpenSSL_1_0_1m
OpenSSL_1_0_1n
OpenSSL_1_0_1o
OpenSSL_1_0_1p
OpenSSL_1_0_1q
OpenSSL_1_0_1r
OpenSSL_1_0_1s
OpenSSL_1_0_1t
OpenSSL_1_0_1u
OpenSSL_1_0_2
OpenSSL_1_0_2-beta1
OpenSSL_1_0_2-beta2
OpenSSL_1_0_2-beta3
OpenSSL_1_0_2-post-auto-reformat
OpenSSL_1_0_2-post-reformat
OpenSSL_1_0_2-pre-auto-reformat
OpenSSL_1_0_2-pre-reformat
OpenSSL_1_0_2a
OpenSSL_1_0_2b
OpenSSL_1_0_2c
OpenSSL_1_0_2d
OpenSSL_1_0_2e
OpenSSL_1_0_2f
OpenSSL_1_0_2g
OpenSSL_1_0_2h
OpenSSL_1_0_2i
OpenSSL_1_0_2j
OpenSSL_1_0_2k
OpenSSL_1_0_2l
OpenSSL_1_0_2m
OpenSSL_1_0_2n
OpenSSL_1_0_2o
OpenSSL_1_0_2p
OpenSSL_1_0_2q
OpenSSL_1_0_2r
OpenSSL_1_0_2s
OpenSSL_1_0_2t
OpenSSL_1_0_2u
OpenSSL_1_1_0-pre1
OpenSSL_1_1_0-pre2
OpenSSL_1_1_0-pre3
OpenSSL_1_1_0-pre4
OpenSSL_1_1_0-pre5
OpenSSL_1_1_0-pre6
OpenSSL_1_1_1
OpenSSL_1_1_1-pre1
OpenSSL_1_1_1-pre2
OpenSSL_1_1_1-pre3
OpenSSL_1_1_1-pre4
OpenSSL_1_1_1-pre5
OpenSSL_1_1_1-pre6
OpenSSL_1_1_1-pre7
OpenSSL_1_1_1-pre8
OpenSSL_1_1_1-pre9
master-post-auto-reformat
master-post-reformat
master-pre-auto-reformat
master-pre-reformat

openssl-3.*

openssl-3.0.0
openssl-3.0.0-alpha1
openssl-3.0.0-alpha10
openssl-3.0.0-alpha11
openssl-3.0.0-alpha12
openssl-3.0.0-alpha13
openssl-3.0.0-alpha14
openssl-3.0.0-alpha15
openssl-3.0.0-alpha16
openssl-3.0.0-alpha17
openssl-3.0.0-alpha2
openssl-3.0.0-alpha3
openssl-3.0.0-alpha4
openssl-3.0.0-alpha5
openssl-3.0.0-alpha6
openssl-3.0.0-alpha7
openssl-3.0.0-alpha8
openssl-3.0.0-alpha9
openssl-3.0.0-beta1
openssl-3.0.0-beta2