Memory Leak in CHICKEN's process-execute and process-spawn Procedures

Memory Leak in CHICKEN's process-execute and process-spawn Procedures

CVE-2016-6831 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The "process-execute" and "process-spawn" procedures did not free memory correctly when the execve() call failed, resulting in a memory leak. This could be abused by an attacker to cause resource exhaustion or a denial of service. This affects all releases of CHICKEN up to and including 4.11 (it will be fixed in 4.12 and 5.0, which are not yet released).

Learn more about our Web Application Penetration Testing UK.