PT-2017-9847 · None+3 · Musl Libc+4

Rich Felker · Published 2016-11-21 · Updated 2024-10-17 · CVE-2016-8859

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

TRE library versions (affected versions not specified)
musl libc versions (affected versions not specified)

Description

The issue is related to multiple integer overflows in the TRE library and musl libc, which can be exploited by attackers to cause memory corruption. This can be achieved by providing a large number of states or tags, resulting in an out-of-bounds write.

Recommendations

For TRE library versions, consider applying configuration changes to limit the number of states or tags that can be processed to prevent memory corruption. For musl libc versions, restrict access to the library to minimize the risk of exploitation until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Integer Overflow


Weakness Enumeration

Related Identifiers

ALT-PU-2024-13885
CVE-2016-8859
DLA-687-1
MGASA-2016-0395
OPENSUSE-SU-2020:0554-1
OPENSUSE-SU-2020_0554-1
OPENSUSE-SU-2024:10901-1
OPENSUSE-SU-2024:11475-1
USN-4768-1

Affected Products

Alt Linux
Suse
Tre Library
Ubuntu
Musl Libc