Описание
Off-by-one error in the dwarf_to_unw_regnum function in include/dwarf_i.h in libunwind 1.1 allows local users to have unspecified impact via invalid dwarf opcodes.
An off-by-one array indexing error was found in the libunwind API, which could cause an error when reading untrusted binaries or dwarf debug info data. Red Hat products do not call the API in this way; and it is unlikely that any exploitable attack vector exists in current builds or supported usage.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Ceph Storage 1.1 | libunwind | Will not fix | ||
| Red Hat Ceph Storage 1.2 | libunwind | Will not fix | ||
| Red Hat Enterprise Linux 5 | libunwind | Not affected | ||
| Red Hat Enterprise Linux 7 | libunwind | Not affected | ||
| Red Hat Enterprise Linux OpenStack Platform 6 (Juno) Installer | libunwind | Will not fix | ||
| Red Hat Enterprise Linux OpenStack Platform 7 (Kilo) | libunwind | Not affected | ||
| Red Hat Software Collections | mongodb24-libunwind | Will not fix | ||
| Red Hat Software Collections | rh-mongodb26-libunwind | Will not fix | ||
| Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6 | libunwind | Fixed | RHSA-2015:1768 | 10.09.2015 |
| Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7 | libunwind | Fixed | RHSA-2015:1769 | 10.09.2015 |
Показывать по
Дополнительная информация
Статус:
3.3 Low
CVSS2
Связанные уязвимости
Off-by-one error in the dwarf_to_unw_regnum function in include/dwarf_i.h in libunwind 1.1 allows local users to have unspecified impact via invalid dwarf opcodes.
Off-by-one error in the dwarf_to_unw_regnum function in include/dwarf_i.h in libunwind 1.1 allows local users to have unspecified impact via invalid dwarf opcodes.
Off-by-one error in the dwarf_to_unw_regnum function in include/dwarf_ ...
3.3 Low
CVSS2