Lucene search
AmazonALAS-2015-600HistoryOct 09, 2015 - 4:35 p.m.
Low: libunwind
2015-10-0916:35:00
alas.aws.amazon.com
19
CVSS2
3.3
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:P/A:N
EPSS
0
Percentile
5.1%
Issue Overview:
An off-by-one array indexing error was found in the libunwind API, which could cause an error when reading untrusted binaries or dwarf debug info data.
Affected Packages:
libunwind
Issue Correction:
Run yum update libunwind to update your system.
New Packages:
i686:
libunwind-devel-1.1-10.8.amzn1.i686
libunwind-1.1-10.8.amzn1.i686
libunwind-debuginfo-1.1-10.8.amzn1.i686
src:
libunwind-1.1-10.8.amzn1.src
x86_64:
libunwind-1.1-10.8.amzn1.x86_64
libunwind-debuginfo-1.1-10.8.amzn1.x86_64
libunwind-devel-1.1-10.8.amzn1.x86_64
Additional References
Red Hat: CVE-2015-3239
Mitre: CVE-2015-3239
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Amazon Linux | 1 | i686 | libunwind-devel | < 1.1-10.8.amzn1 | libunwind-devel-1.1-10.8.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | libunwind | < 1.1-10.8.amzn1 | libunwind-1.1-10.8.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | libunwind-debuginfo | < 1.1-10.8.amzn1 | libunwind-debuginfo-1.1-10.8.amzn1.i686.rpm |
| Amazon Linux | 1 | x86_64 | libunwind | < 1.1-10.8.amzn1 | libunwind-1.1-10.8.amzn1.x86_64.rpm |
| Amazon Linux | 1 | x86_64 | libunwind-debuginfo | < 1.1-10.8.amzn1 | libunwind-debuginfo-1.1-10.8.amzn1.x86_64.rpm |
| Amazon Linux | 1 | x86_64 | libunwind-devel | < 1.1-10.8.amzn1 | libunwind-devel-1.1-10.8.amzn1.x86_64.rpm |
Related
debian
debian
[SECURITY] [DLA 271-1] libunwind security update
2015-07-12 10:34:54
nessus
nessus
openSUSE Security Update : libunwind (openSUSE-2019-61)
2019-01-22 00:00:00
Debian DLA-271-1 : libunwind security update
2015-07-14 00:00:00
SUSE SLED12 / SLES12 Security Update : libunwind (SUSE-SU-2019:0284-1)
2019-02-08 00:00:00
cvelist
cvelist
CVE-2015-3239
2015-08-26 19:00:00
cve
cve
CVE-2015-3239
2015-08-26 19:59:04
veracode
veracode
Unauthorized Access
2020-05-05 04:43:07
openvas
openvas
Amazon Linux: Security Advisory (ALAS-2015-600)
2015-10-13 00:00:00
Fedora Update for libunwind FEDORA-2015-11354
2015-07-22 00:00:00
openSUSE: Security Advisory for libunwind (openSUSE-SU-2019:0061-1)
2019-01-18 00:00:00
suse
suse
Security update for libunwind (low)
2019-01-18 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: libunwind-1.1-10.fc21
2015-07-30 00:37:23
[SECURITY] Fedora 22 Update: libunwind-1.1-10.fc22
2015-07-21 08:09:08
redhat
redhat
(RHSA-2015:1769) Low: libunwind security update
2015-09-10 00:00:00
(RHSA-2015:1768) Low: libunwind security update
2015-09-10 00:00:00
(RHSA-2015:1675) Low: libunwind security update
2015-08-24 00:00:00
prion
prion
Code injection
2015-08-26 19:59:00
osv
osv
libunwind - security update
2015-07-12 00:00:00
archlinux
archlinux
libunwind: denial of service
2015-10-05 00:00:00
debiancve
debiancve
CVE-2015-3239
2015-08-26 19:59:04
ubuntucve
ubuntucve
CVE-2015-3239
2015-08-26 00:00:00
mageia
mageia
Updated libunwind package fixes security vulnerability
2015-08-10 17:31:41
ibm
ibm
nvd
nvd
CVE-2015-3239
2015-08-26 19:59:04
CVSS2
3.3
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:P/A:N
EPSS
0
Percentile
5.1%
Related for ALAS-2015-600