PT-2016-7515 · Libcsp · Libcsp

Published: 2016-10-28 · Updated: 2025-08-14 · CVE-2016-8597

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: libcsp library versions 1.4 and earlier

Description: The issue is a buffer overflow in the csp_sfp_recv_fp function in csp_sfp.c. It allows hostile components with network access to the SFP underlying network layers to execute arbitrary code via specially crafted SFP packets.

Recommendations: For libcsp library versions 1.4 and earlier, consider applying a patch or fix to address the buffer overflow issue in the csp_sfp_recv_fp function. As a temporary workaround, restrict access to the SFP underlying network layers to minimize the risk of exploitation.

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers: CVE-2016-8597

Affected Products: Libcsp