oss-sec mailing list archives
CVE-2016-6323: Missing unwind information on ARM EABI (32-bit) causes backtrace generation to hang
From: Florian Weimer <fweimer () redhat com>
Date: Thu, 18 Aug 2016 11:51:02 +0200
Andreas Schwab of SuSE reported and fixed a glibc bug where the makecontext function would create an execution context which is incompatible with the unwinder, causing it to hang when the generation of a backtrace is attempted:
https://sourceware.org/bugzilla/show_bug.cgi?id=20435 https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=9e2ff6c9cc54c0b4402b8d49e4abe7000fde7617 This is a minor denial-of-service vulnerability.The bug is specific to ARM EABI (32-bit) and does not affect other architectures. So far, only certain applications compiled using gccgo (not the main golang.org toolchain) are known to be affected.
Red Hat Product Security has assigned CVE-2016-6323 to this issue. Thanks, Florian
Current thread:
- CVE-2016-6323: Missing unwind information on ARM EABI (32-bit) causes backtrace generation to hang Florian Weimer (Aug 18)