<= Back

AOSA-2016-0030: Update Glibc to 2.24-2

December 1, 2016

Please update your glibc package to version 2.24-2, especially if you are using ARMv7 (armel).

A fix was recently committed to Glibc's Git master to fix the following vulnerability:

CVE-2016-6323

And the vulnerability states:

"The makecontext function in the GNU C Library (aka glibc or libc6) before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI (32-bit) platforms, which might allow context-dependent attackers to cause a denial of service (hang), as demonstrated by applications compiled using gccgo, related to backtrace generation."

Copyleft 2011–2024, Members of the Community   |   Site Language