vulnerability

Ubuntu: (Multiple Advisories) (CVE-2016-4493): Valgrind vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:N/I:N/A:P)	Feb 24, 2017	Jun 21, 2017	May 5, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:N/A:P)

Published

Feb 24, 2017

Added

Jun 21, 2017

Modified

May 5, 2025

Description

It was discovered that Valgrind incorrectly handled certain string
operations. If a user or automated system were tricked into processing a
specially crafted binary, a remote attacker could possibly execute
arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04
LTS and Ubuntu 16.10. (CVE-2016-2226)

It was discovered that Valgrind incorrectly handled parsing certain
binaries. If a user or automated system were tricked into processing a
specially crafted binary, a remote attacker could use this issue to cause
Valgrind to crash, resulting in a denial of service. (CVE-2016-4487,
CVE-2016-4488, CVE-2016-4489, CVE-2016-4490, CVE-2016-4491, CVE-2016-4492,
CVE-2016-4493, CVE-2016-6131)

Solution(s)

ubuntu-pro-upgrade-binutilsubuntu-pro-upgrade-binutils-multiarchubuntu-pro-upgrade-gdbubuntu-pro-upgrade-libiberty-devubuntu-pro-upgrade-valgrind

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today