UBUNTU-CVE-2016-20040

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/CVE-2016-20040
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2016/UBUNTU-CVE-2016-20040.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2016-20040
Upstream
  • CVE-2016-20040
Published
2026-03-28T12:15:00Z
Modified
2026-04-02T04:47:45Z
Severity
  • 8.4 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
  • 8.6 (High) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVSS Calculator
  • Ubuntu - medium
Summary
[none]
Details

TiEmu 3.03-nogdb+dfsg-3 contains a buffer overflow vulnerability in the ROM parameter handling that allows local attackers to crash the application or execute arbitrary code. Attackers can supply an oversized ROM parameter to the tiemu command-line interface to overflow the stack buffer and overwrite the instruction pointer with malicious addresses.

References

Affected packages

Ubuntu:16.04:LTS / tiemu

Package

Name
tiemu
Purl
pkg:deb/ubuntu/tiemu@3.03-nogdb+dfsg-3?arch=source&distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*
3.03-nogdb+dfsg-3

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "tiemu",
            "binary_version": "3.03-nogdb+dfsg-3"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2016/UBUNTU-CVE-2016-20040.json"

Ubuntu:18.04:LTS / tiemu

Package

Name
tiemu
Purl
pkg:deb/ubuntu/tiemu@3.04~git20110801-nogdb+dfsg-1?arch=source&distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*
3.04~git20110801-nogdb+dfsg-1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "tiemu",
            "binary_version": "3.04~git20110801-nogdb+dfsg-1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2016/UBUNTU-CVE-2016-20040.json"

Ubuntu:20.04:LTS / tiemu

Package

Name
tiemu
Purl
pkg:deb/ubuntu/tiemu@3.04~git20110801-nogdb+dfsg1-2?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*
3.04~git20110801-nogdb+dfsg1-2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "tiemu",
            "binary_version": "3.04~git20110801-nogdb+dfsg1-2"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2016/UBUNTU-CVE-2016-20040.json"

Ubuntu:22.04:LTS / tiemu

Package

Name
tiemu
Purl
pkg:deb/ubuntu/tiemu@3.04~git20110801-nogdb+dfsg1-2build1?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*
3.04~git20110801-nogdb+dfsg1-2
3.04~git20110801-nogdb+dfsg1-2build1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "tiemu",
            "binary_version": "3.04~git20110801-nogdb+dfsg1-2build1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2016/UBUNTU-CVE-2016-20040.json"

Ubuntu:24.04:LTS / tiemu

Package

Name
tiemu
Purl
pkg:deb/ubuntu/tiemu@3.04~git20220826.cda2db4+dfsg-2build2?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*
3.04~git20220826.cda2db4+dfsg-2
3.04~git20220826.cda2db4+dfsg-2build1
3.04~git20220826.cda2db4+dfsg-2build2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "tiemu",
            "binary_version": "3.04~git20220826.cda2db4+dfsg-2build2"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2016/UBUNTU-CVE-2016-20040.json"