An off-by-one array indexing error was found in the libunwind API, which could cause an error when reading untrusted binaries or dwarf debug info data. Red Hat products do not call the API in this way; and it is unlikely that any exploitable attack vector exists in current builds or supported usage.
Platform | Package | Release Date | Advisory |
---|---|---|---|
Amazon Linux 1 | libunwind | 2015-10-09 16:35 | ALAS-2015-600 |
Score Type | Score | Vector | |
---|---|---|---|
Amazon Linux | CVSSv2 | 3.3 | AV:L/AC:M/Au:N/C:P/I:P/A:N |
NVD | CVSSv2 | 3.3 | AV:L/AC:M/Au:N/C:P/I:P/A:N |