CVE-2016-9039

CVE Database · CVE-2016-9039

CVE-2016-9039

· N/AModified

CVSS v3.1

N/A

EPSS

0.52%

Published

Jan 31, 2017

Modified

May 12, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

An exploitable denial of service exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES. An attacker can cause a buffer to be allocated and never freed. When repeatedly exploited this will result in memory exhaustion, resulting in a full system denial of service.

Weaknesses (CWE)

CWE-400

Affected Products (1)

joyent · smartosvulnerable

References (4)

http://www.securityfocus.com/bid/95916

Third Party AdvisoryVDB Entry

http://www.talosintelligence.com/reports/TALOS-2016-0257/

ExploitTechnical DescriptionThird Party Advisory

http://www.securityfocus.com/bid/95916

Third Party AdvisoryVDB Entry

http://www.talosintelligence.com/reports/TALOS-2016-0257/

ExploitTechnical DescriptionThird Party Advisory

KEV Catalog EPSS Scores Vendors All CVEs