CVE-2016-9961

high-risk

Published 2017-06-06

game-music-emu before 0.6.1 mishandles unspecified integer values.

Do I need to act?

2.8% chance of exploitation in next 30 days

EPSS score — moderate exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 9.8/10 Critical

NETWORK / LOW complexity

Game-Music-Emu

Fedora

Leap

Suse Linux Enterprise Desktop

Fedora

Suse Linux Enterprise Software Development Kit

Suse Linux Enterprise Server

Suse Linux Enterprise Software Development Kit

Game-Music-Emu Project Opensuse Project Novell Fedoraproject Opensuse

Third Party Advisory http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00090.html

Third Party Advisory http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00005.html

Mailing List http://www.openwall.com/lists/oss-security/2016/12/15/11

Third Party Advisory http://www.securityfocus.com/bid/95305

Third Party Advisory https://bitbucket.org/mpyne/game-music-emu/wiki/Home

Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=1405423

Exploit https://scarybeastsecurity.blogspot.cz/2016/12/redux-compromising-linux-using-sn...

https://security.gentoo.org/glsa/201707-02

Third Party Advisory http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00090.html

Third Party Advisory http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00005.html

Mailing List http://www.openwall.com/lists/oss-security/2016/12/15/11

Third Party Advisory http://www.securityfocus.com/bid/95305

Third Party Advisory https://bitbucket.org/mpyne/game-music-emu/wiki/Home

Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=1405423

and 4 more references

/ 100

high-risk

Severity 32/34 · Critical

Exploitability 6/34 · Minimal

Exposure 17/34 · Moderate