CVE-2016-6323

Published: 07/10/2016 Updated: 07/11/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

The makecontext function in the GNU C Library (aka glibc or libc6) prior to 2.25 creates execution contexts incompatible with the unwinder on ARM EABI (32-bit) platforms, which might allow context-dependent malicious users to cause a denial of service (hang), as demonstrated by applications compiled using gccgo, related to backtrace generation.

Vulnerable Product

gnu glibc

opensuse opensuse 13.2

fedoraproject fedora 25

fedoraproject fedora 24

fedoraproject fedora 23

Vendor Advisories

Debian Bug report logs - #834752 glibc: CVE-2016-6323: Missing unwind information on ARM Package: src:glibc; Maintainer for src:glibc is GNU Libc Maintainers <debian-glibc@lists.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Thu, 18 Aug 2016 16:18:01 UTC Severity: normal Tags: fixed-upstream ...
USN-3239-1 introduced a regression in the GNU C Library ...
Several security issues were fixed in the GNU C Library ...
USN-3239-1 introduced a regression in the GNU C Library ...
The makecontext function in the GNU C Library (aka glibc or libc6) before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI (32-bit) platforms, which might allow context-dependent attackers to cause a denial of service (hang), as demonstrated by applications compiled using gccgo, related to backtrace generation ...