Bug 1232265 (CVE-2015-3239)
Summary: | CVE-2015-3239 libunwind: off-by-one in dwarf_to_unw_regnum() | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Vasyl Kaigorodov <vkaigoro> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | unspecified | CC: | abaron, aortega, apevec, ayoung, carnil, chrisw, dallan, fweimer, gkotton, gmollett, hhorak, jorton, jrusnack, jschluet, lhh, lpeer, markmc, mmaslano, mskalick, rbryant, rharwood, sclewis, security-response-team, sisharma, slong, tdecacqu, virt-maint, vkaigoro, yeylon |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: |
An off-by-one array indexing error was found in the libunwind API, which could cause an error when reading untrusted binaries or DWARF debug info data. Red Hat products do not call the API in this way, and it is unlikely that any exploitable attack vector exists in current builds or supported usage.
|
Last Closed: | 2016-01-28 20:51:00 UTC | Type: | --- |
Bug Depends On: | 1233114, 1238264, 1238265, 1238852, 1238853, 1238854, 1238855, 1238856, 1238857, 1238858, 1238859, 1250665 | ||
Bug Blocks: | 1232274 |
Description
Vasyl Kaigorodov
2015-06-16 11:44:54 UTC
Upstream fix:
http://git.savannah.gnu.org/cgit/libunwind.git/commit/?id=396b6c7ab737e2bff244d640601c436a26260ca1

Created libunwind tracking bugs for this issue:
Affects: fedora-all [bug 1238264]
Affects: epel-all [bug 1238265]

libunwind-1.1-10.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.

libunwind-1.1-10.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.

Acknowledgements:
This issue was discovered by Paolo Bonzini of Red Hat.

libunwind-1.1-3.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.

libunwind-1.1-10.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report.

This issue has been addressed in the following products:
OpenStack 6 for RHEL 7
Via RHSA-2015:1675 https://rhn.redhat.com/errata/RHSA-2015-1675.html

This issue has been addressed in the following products:
OpenStack 5 for RHEL 7
Via RHSA-2015:1769 https://rhn.redhat.com/errata/RHSA-2015-1769.html

This issue has been addressed in the following products:
OpenStack 5 for RHEL 6
Via RHSA-2015:1768 https://rhn.redhat.com/errata/RHSA-2015-1768.html
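The class of bug named in the Doc Text above, shown as an added example that is not part of this bug report and is not libunwind source: a register-number lookup whose bounds check accepts the index equal to the table length, next to the corrected check. The table, its length, the marker byte and all function names are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model, not libunwind source: a DWARF-to-internal register
 * map of MAP_LEN entries, followed by one byte standing in for whatever
 * memory happens to sit after the real table. */
#define MAP_LEN 17
#define ADJACENT 0xAA   /* constructed marker for "not part of the map" */

static const uint8_t backing[MAP_LEN + 1] = {
    0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, ADJACENT
};
static const uint8_t *const regnum_map = backing; /* valid: [0, MAP_LEN) */

/* Off-by-one check: reg == MAP_LEN passes and indexes one past the map. */
static unsigned lookup_off_by_one(size_t reg)
{
    return (reg <= MAP_LEN) ? regnum_map[reg] : 0;
}

/* Corrected check: only indices strictly below the length are accepted. */
static unsigned lookup_checked(size_t reg)
{
    return (reg < MAP_LEN) ? regnum_map[reg] : 0;
}

/* Count register numbers in [0, limit) where the two checks disagree. */
static size_t count_disagreements(size_t limit)
{
    size_t n = 0;
    for (size_t reg = 0; reg < limit; reg++)
        if (lookup_off_by_one(reg) != lookup_checked(reg))
            n++;
    return n;
}

int main(void)
{
    /* Register numbers come from DWARF data, i.e. from the file being read. */
    printf("reg=%d  off-by-one=0x%02x  checked=0x%02x\n", MAP_LEN,
           lookup_off_by_one(MAP_LEN), lookup_checked(MAP_LEN));
    printf("disagreements in [0,256): %zu\n", count_disagreements(256));
    return 0;
}
```

Exactly one input value separates the two checks, which is why a boundary test at index == length is the regression test to keep for this kind of fix.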