VDB
ALPINE-CVE-2016-6318
ALPINE-CVE-2016-6318
PUBLISHED
CVSS 7.800000190734863 HIGH
Stack-based buffer overflow in the FascistGecosUser function in lib/fascist.c in cracklib allows local users to cause a denial of service (application crash) or gain privileges via a long GECOS field, involving longbuffer.
Risk Scores
CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alpine:v3.19 | cracklib | 2.8.16-r1, 2.8.13-r1, 2.8.13-r0 |
| Alpine:v3.21 | cracklib | 2.8.13-r0, 2.8.13-r1, 2.8.16-r1 |
| Alpine:v3.18 | cracklib | 2.9.1-r0, 0, 2.9.6-r0 |
| Alpine:v3.22 | cracklib | 2.9.6-r0, 0, 0 |
| Alpine:v3.13 | cracklib | 2.9.1-r0, 0, 0 |
| Alpine:v3.14 | cracklib | 0, 0, 2.8.13-r0 |
| Alpine:v3.23 | cracklib | 0, 0, 2.8.13-r0 |
| Alpine:v3.24 | cracklib | 0 |
| Alpine:v3.17 | cracklib | 0, 0, 2.9.6-r0 |
| Alpine:v3.10 | cracklib | 2.9.0-r0, 2.8.16-r2, 2.9.0-r0 |
| Alpine:v3.15 | cracklib | 2.9.6-r0, 2.9.4-r0, 2.9.1-r0 |
| Alpine:v3.20 | cracklib | 2.8.16-r1, 0, 2.8.13-r1 |
| Alpine:v3.16 | cracklib | 2.8.13-r1, 2.8.13-r0, 2.8.16-r1 |
| Alpine:v3.11 | cracklib | 2.8.16-r1, 0, 2.8.13-r0 |
| Alpine:v3.12 | cracklib | 2.8.13-r1, 0, 2.9.6-r0 |
Timeline
- Sep 7, 2016 CVE Published
- Apr 30, 2026 Distribution Patch
- Jun 9, 2026 CVE Updated