Launchpad CVE tracker

CVE 2016-6263

The stringprep_utf8_nfkc_normalize function in lib/nfkc.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted UTF-8 data.

Related bugs and status

CVE-2016-6263 (Candidate) is related to these bugs:

Bug #1773363: glibc tst-preadvwritev2 and tst-preadvwritev64v2 fail with Linux 4.16+

		In	Importance	Status
1773363	glibc tst-preadvwritev2 and tst-preadvwritev64v2 fail with Linux 4.16+	glibc (Ubuntu)	Undecided	Confirmed
1773363	glibc tst-preadvwritev2 and tst-preadvwritev64v2 fail with Linux 4.16+	GLibC	Medium	Fix Released
1773363	glibc tst-preadvwritev2 and tst-preadvwritev64v2 fail with Linux 4.16+	glibc (Ubuntu Bionic)	Undecided	Confirmed
1773363	glibc tst-preadvwritev2 and tst-preadvwritev64v2 fail with Linux 4.16+	glibc (Ubuntu Cosmic)	Undecided	Won't Fix
1773363	glibc tst-preadvwritev2 and tst-preadvwritev64v2 fail with Linux 4.16+	linux (Ubuntu)	Medium	Confirmed
1773363	glibc tst-preadvwritev2 and tst-preadvwritev64v2 fail with Linux 4.16+	linux (Ubuntu Bionic)	Undecided	Confirmed
1773363	glibc tst-preadvwritev2 and tst-preadvwritev64v2 fail with Linux 4.16+	linux (Ubuntu Cosmic)	Undecided	Won't Fix

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2016-6263

References