CVE-2016-6323
published 2016-10-07CVE-2016-6323: The makecontext function in the GNU C Library (aka glibc or libc6) before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI (32-bit)…
high7.5CVSS 3.0
AVNACLPRNUINSUCNINAH
The makecontext function in the GNU C Library (aka glibc or libc6) before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI (32-bit) platforms, which might allow context-dependent attackers to cause a denial of service (hang), as demonstrated by applications compiled using gccgo, related to backtrace generation.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | glibc | < glibc 2.24-1 (bookworm) | glibc 2.24-1 (bookworm) |
| eglibc | eglibc | >= 0 < 2.19-0ubuntu6.10 | 2.19-0ubuntu6.10 |
| eglibc | eglibc | >= 0 < 2.19-0ubuntu6.11 | 2.19-0ubuntu6.11 |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| gnu | glibc | <= 2.24 | — |
| gnu | glibc | >= 0 < 2.24-1 | 2.24-1 |
| gnu | glibc | >= 0 < 2.24-1 | 2.24-1 |
| gnu | glibc | >= 0 < 2.24-1 | 2.24-1 |
| gnu | glibc | >= 0 < 2.24-1 | 2.24-1 |
| gnu | glibc | >= 0 < 2.23-0ubuntu6 | 2.23-0ubuntu6 |
| gnu | glibc | >= 0 < 2.23-0ubuntu7 | 2.23-0ubuntu7 |
| opensuse | opensuse | — | — |
CVSS provenance
nvdv3.07.5HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH