Explore top 10 tips to secure your open-source projects now. Read More
×
Arch Linux Security Advisory ASA-201510-1 ======================================== Severity: Low Date : 2015-10-05 CVE-ID : CVE-2015-3239 Package : libunwind Type : denial of service Remote : No Link : https://wiki.archlinux.org/title/CVE Summary ====== The package libunwind before version 1.1-3 is vulnerable to denial of service due to an off-by-one error. Resolution ========= Upgrade to 1.1-3. # pacman -Syu "libunwind>=1.1-3" Workaround ========= None. Description ========== - CVE-2015-3239 (Unspecified Impact): Off-by-one error in the dwarf_to_unw_regnum function in include/dwarf_i.h in libunwind 1.1 allows local users to have unspecified impact via invalid dwarf opcodes. Impact ===== An attacker could crash the library. References ========= https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3239 https://bugzilla.redhat.com/show_bug.cgi?id=1232265 https://bugs.archlinux.org/task/46474