{"id":"MGASA-2016-0396","summary":"Updated flex packages fix security vulnerability","details":"It was found that flex incorrectly resized the num_to_read variable in\nyy_get_next_buffer. The buffer is resized if this value is less or equal\nto zero. With special crafted input it is possible, that the buffer is not\nresized if the input is larger than the default buffer size of 16k. This\nallows a heap buffer overflow. It may be possible to exploit this\nremotely, depending on the application that is built using flex\n(CVE-2016-6354).\n\nNote that any affected applications would need to be rebuilt with the\nupdated flex to fully fix this issue.\n","modified":"2026-04-16T01:46:09.004837447Z","published":"2016-11-23T11:11:14Z","upstream":["CVE-2016-6354"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2016-0396.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=19063"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/KZDEYNSCYVEMOKRO6EJOUZS7WM5WB43M/"}],"affected":[{"package":{"name":"flex","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/flex?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.5.39-3.1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0396.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}