Critical severity9.8NVD Advisory· Published Feb 13, 2017· Updated Jun 17, 2026
CVE-2016-8859
CVE-2016-8859
Description
Multiple integer overflows in the TRE library and musl libc allow attackers to cause memory corruption via a large number of (1) states or (2) tags, which triggers an out-of-bounds write.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8- osv-coords5 versionspkg:rpm/opensuse/agrep&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/cri-o&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/cri-tools&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/go1.14&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/kubernetes&distro=openSUSE%20Leap%2015.1
< 0.8.0_git201402282055-5.8+ 4 more
- (no CPE)range: < 0.8.0_git201402282055-5.8
- (no CPE)range: < 1.17.1-lp151.2.2
- (no CPE)range: < 1.18.0-lp151.2.1
- (no CPE)range: < 1.14-lp151.6.1
- (no CPE)range: < 1.18.0-lp151.5.1
Patches
Vulnerability mechanics
References
6- www.openwall.com/lists/oss-security/2016/10/19/1nvdMailing ListThird Party Advisory
- www.openwall.com/lists/oss-security/2016/10/19/10nvdMailing ListThird Party Advisory
- www.securityfocus.com/bid/93795nvdThird Party AdvisoryVDB Entry
- lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.htmlnvd
- security.gentoo.org/glsa/201701-11nvd
- security.gentoo.org/glsa/202007-43nvd
News mentions
0No linked articles in our index yet.