Critical severity9.1NVD Advisory· Published Aug 19, 2016· Updated Jun 17, 2026
CVE-2016-6254
CVE-2016-6254
Description
Heap-based buffer overflow in the parse_packet function in network.c in collectd before 5.4.3 and 5.x before 5.5.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted network packet.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
- osv-coords2 versionspkg:rpm/suse/collectd&distro=SUSE%20Lifecycle%20Management%20Server%201.3pkg:rpm/suse/collectd&distro=SUSE%20WebYast%201.3
< 4.9.4-0.25.1+ 1 more
- (no CPE)range: < 4.9.4-0.25.1
- (no CPE)range: < 4.9.4-0.25.1
Patches
Vulnerability mechanics
References
5- github.com/collectd/collectd/commit/b589096f907052b3a4da2b9ccc9b0e2e888dfc18nvdPatchThird Party Advisory
- collectd.org/news.shtmlnvdRelease NotesVendor Advisory
- www.debian.org/security/2016/dsa-3636nvdThird Party Advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CM4W5SJ4OTBGINGIN4NJLXCUZAZANO6J/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UIZ5UXDOB7BA5NGE2F2I2BL4K6763DHW/nvd
News mentions
0No linked articles in our index yet.