Candidate: CVE-2016-8714
PublicDate: 2017-03-10 10:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8714
 http://www.talosintelligence.com/reports/TALOS-2016-0227/
Description:
 An exploitable buffer overflow vulnerability exists in the LoadEncoding
 functionality of the R programming language version 3.3.0. A specially
 crafted R script can cause a buffer overflow resulting in a memory
 corruption. An attacker can send a malicious R script to trigger this
 vulnerability.
Ubuntu-Description:
 It was discovered that a buffer overflow in R causes memory corruption. 
 An attacker could possibly use this to cause a denial of service or 
 execute arbitrary code.
Notes:
Bugs:
Priority: medium
Discovered-by: Cory Duplantis
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H [7.5 HIGH]

Patches_r-base:
upstream_r-base: needs-triage
precise_r-base: ignored (reached end-of-life)
precise/esm_r-base: DNE (precise was needed)
trusty_r-base: ignored (out of standard support)
trusty/esm_r-base: needed
vivid/stable-phone-overlay_r-base: DNE
vivid/ubuntu-core_r-base: DNE
xenial_r-base: ignored (end of standard support, was needed)
yakkety_r-base: ignored (reached end-of-life)
zesty_r-base: ignored (reached end-of-life)
artful_r-base: ignored (reached end-of-life)
bionic_r-base: not-affected
cosmic_r-base: not-affected
disco_r-base: not-affected
eoan_r-base: not-affected
focal_r-base: not-affected
groovy_r-base: not-affected
hirsute_r-base: not-affected
impish_r-base: not-affected
jammy_r-base: not-affected
devel_r-base: not-affected