Rapid7 Vulnerability & Exploit Database

Alpine Linux: CVE-2017-9334: chicken Unsafe pointer dereference due to incorrect pair? check in Scheme "length" procedure

Back to Search

Alpine Linux: CVE-2017-9334: chicken Unsafe pointer dereference due to incorrect pair? check in Scheme "length" procedure

Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
06/01/2017
Created
07/25/2018
Added
08/30/2017
Modified
12/04/2019

Description

An incorrect "pair?" check in the Scheme "length" procedure results in an unsafe pointer dereference in all CHICKEN Scheme versions prior to 4.13, which allows an attacker to cause a denial of service by passing an improper list to an application that calls "length" on it.

Solution(s)

  • alpine-linux-upgrade-chicken

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;