CVE-2015-3239
Public on 2015-08-26
Modified on 2015-10-09
Description
An off-by-one array indexing error was found in the libunwind API, which could cause an error when reading untrusted binaries or dwarf debug info data. Red Hat products do not call the API in this way; and it is unlikely that any exploitable attack vector exists in current builds or supported usage.
Severity
Low
CVSS v3 Base Score
See breakdown
Affected Packages
| Platform | Package | Release Date | Advisory | Status |
|---|---|---|---|---|
| Amazon Linux 1 | libunwind | 2015-10-09 | ALAS-2015-600 | Fixed |
CVSS Scores
| Score Type | Score | Vector | |
|---|---|---|---|
| Amazon Linux | CVSSv2 | 3.3 | AV:L/AC:M/Au:N/C:P/I:P/A:N |
| NVD | CVSSv2 | 3.3 | AV:L/AC:M/Au:N/C:P/I:P/A:N |