Candidate: CVE-2017-9431
PublicDate: 2017-06-05 03:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9431
 https://github.com/grpc/grpc/pull/10492
 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1018
Description:
 Google gRPC before 2017-04-05 has an out-of-bounds write caused by a
 heap-based buffer overflow related to core/lib/iomgr/error.c.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864210
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [9.8 CRITICAL]

Patches_grpc:
 upstream: https://github.com/grpc/grpc/commit/c6ec1155d026c91b1badb07ef1605bb747cff064
upstream_grpc: released (1.3.2-0.1)
precise/esm_grpc: DNE
trusty_grpc: DNE
trusty/esm_grpc: DNE
vivid/stable-phone-overlay_grpc: DNE
vivid/ubuntu-core_grpc: DNE
xenial_grpc: not-affected (code not present)
yakkety_grpc: ignored (reached end-of-life)
zesty_grpc: ignored (reached end-of-life)
artful_grpc: not-affected (1.3.2-0.2)
bionic_grpc: not-affected (1.3.2-0.2)
cosmic_grpc: not-affected (1.3.2-0.2)
devel_grpc: not-affected (1.3.2-0.2)