Critical severity9.8NVD Advisory· Published Sep 16, 2016· Updated May 6, 2026
CVE-2016-2182
CVE-2016-2182
Description
The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
51- kb.juniper.net/InfoCenter/indexnvdThird Party Advisory
- www-01.ibm.com/support/docview.wssnvdThird Party Advisory
- www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.htmlnvdThird Party Advisory
- www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.htmlnvdThird Party Advisory
- www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.htmlnvdThird Party Advisory
- www.securityfocus.com/bid/92557nvdThird Party AdvisoryVDB Entry
- www.splunk.com/view/SP-CAAAPSVnvdThird Party Advisory
- www.splunk.com/view/SP-CAAAPUEnvdThird Party Advisory
- bto.bluecoat.com/security-advisory/sa132nvdThird Party Advisory
- h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplaynvdThird Party Advisory
- kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312nvdThird Party Advisory
- kc.mcafee.com/corporate/indexnvdThird Party Advisory
- www.tenable.com/security/tns-2016-16nvdThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.htmlnvd
- rhn.redhat.com/errata/RHSA-2016-1940.htmlnvd
- seclists.org/fulldisclosure/2017/Jul/31nvd
- www.debian.org/security/2016/dsa-3673nvd
- www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-ennvd
- www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.htmlnvd
- www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.htmlnvd
- www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.htmlnvd
- www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.htmlnvd
- www.securitytracker.com/id/1036688nvd
- www.securitytracker.com/id/1037968nvd
- www.ubuntu.com/usn/USN-3087-1nvd
- www.ubuntu.com/usn/USN-3087-2nvd
- access.redhat.com/errata/RHSA-2018:2185nvd
- access.redhat.com/errata/RHSA-2018:2186nvd
- access.redhat.com/errata/RHSA-2018:2187nvd
- cert-portal.siemens.com/productcert/pdf/ssa-412672.pdfnvd
- h20566.www2.hpe.com/hpsc/doc/public/displaynvd
- kc.mcafee.com/corporate/indexnvd
- security.freebsd.org/advisories/FreeBSD-SA-16:26.openssl.ascnvd
- source.android.com/security/bulletin/2017-03-01nvd
- source.android.com/security/bulletin/2017-03-01.htmlnvd
- support.f5.com/csp/article/K01276005nvd
- support.hpe.com/hpsc/doc/public/displaynvd
- support.hpe.com/hpsc/doc/public/displaynvd
- www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24nvd
- www.tenable.com/security/tns-2016-20nvd
- www.tenable.com/security/tns-2016-21nvd
News mentions
0No linked articles in our index yet.