CVE-2016-4429 vulnerability

Waldemar Brodkorb wbx at uclibc-ng.org
Wed Aug 10 17:28:32 UTC 2016


Hi,
siva gopi raju kudeti wrote,

> Hi Waldemar,
> 
> Thanks for the immediate replay.
> 
> The patch you given looks good. I will make out this patch.
> 
> After that, testing with the IPERF or PING is fine or any other way is
> there to test.
> 
> Can you please suggest me to do that.

Not sure how to test it. May be there is some information about it
in the CVE. As it is in the RPC code, I suggest using some RPC
services like NFSv3.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4429

I am not sure if any exploit exist, which you could use that
the buffer overflow is fixed.

best regards
 Waldemar


More information about the uClibc mailing list