Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 18 Aug 2016 11:51:02 +0200
From: Florian Weimer <>
Subject: CVE-2016-6323: Missing unwind information on ARM EABI (32-bit) causes
 backtrace generation to hang

Andreas Schwab of SuSE reported and fixed a glibc bug where the 
makecontext function would create an execution context which is 
incompatible with the unwinder, causing it to hang when the generation 
of a backtrace is attempted:;h=9e2ff6c9cc54c0b4402b8d49e4abe7000fde7617

This is a minor denial-of-service vulnerability.

The bug is specific to ARM EABI (32-bit) and does not affect other 
architectures.  So far, only certain applications compiled using gccgo 
(not the main toolchain) are known to be affected.

Red Hat Product Security has assigned CVE-2016-6323 to this issue.


Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.