High severity7.5NVD Advisory· Published May 26, 2016· Updated Jun 17, 2026
CVE-2016-4021
CVE-2016-4021
Description
The read_binary function in buffer.c in pgpdump before 0.30 allows context-dependent attackers to cause a denial of service (infinite loop and CPU consumption) via crafted input, as demonstrated by the \xa3\x03 string.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5cpe:2.3:a:pgpdump_project:pgpdump:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:pgpdump_project:pgpdump:*:*:*:*:*:*:*:*range: <=0.29
- (no CPE)range: <0.30
cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
6- seclists.org/bugtraq/2016/Apr/99nvdExploit
- www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2016-030.txtnvdExploit
- lists.fedoraproject.org/pipermail/package-announce/2016-May/183750.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2016-May/184617.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2016-May/184689.htmlnvd
- github.com/kazu-yamamoto/pgpdump/pull/16nvd
News mentions
0No linked articles in our index yet.