CVE-2016-6830

Name of the Vulnerable Software and Affected Versions CHICKEN Scheme versions prior to 4.12

Description The issue arises from the "process-execute" and "process-spawn" procedures in CHICKEN Scheme, which utilize fixed-size buffers to hold arguments and environment variables for the execve() call. This can lead to a buffer overrun when user-supplied argument or environment variable lists are used.

Recommendations For versions prior to 4.12, update to version 4.12 or 5.0 when available to resolve the issue. As a temporary workaround, consider restricting the use of the "process-execute" and "process-spawn" procedures to minimize the risk of exploitation.