CVE-2015-3239
Publication date 26 August 2015
Last updated 5 December 2024
Ubuntu priority
Off-by-one error in the dwarf_to_unw_regnum function in include/dwarf_i.h in libunwind 1.1 allows local users to have unspecified impact via invalid dwarf opcodes.
Status
Package | Ubuntu Release | Status |
---|---|---|
android-platform-external-libunwind | 24.10 oracular |
Not affected
|
24.04 LTS noble |
Not affected
|
|
22.04 LTS jammy |
Not affected
|
|
20.04 LTS focal |
Not affected
|
|
18.04 LTS bionic |
Not affected
|
|
16.04 LTS xenial | Ignored | |
14.04 LTS trusty | Not in release | |
libunwind | 24.10 oracular |
Not affected
|
24.04 LTS noble |
Not affected
|
|
22.04 LTS jammy |
Not affected
|
|
20.04 LTS focal |
Not affected
|
|
18.04 LTS bionic |
Not affected
|
|
16.04 LTS xenial |
Not affected
|
|
14.04 LTS trusty | Not in release | |
racket | 24.10 oracular |
Vulnerable
|
24.04 LTS noble |
Vulnerable
|
|
22.04 LTS jammy |
Vulnerable
|
|
20.04 LTS focal |
Vulnerable
|
|
18.04 LTS bionic |
Vulnerable
|
|
16.04 LTS xenial |
Vulnerable
|
|
14.04 LTS trusty | Not in release | |
Notes
seth-arnold
I saw nothing in callers of this macro that would prevent less-than-zero accesses: input params were sometimes integers, sometimes harder to determine the type. Debian codesearch shows many duplications of the <= mistake with dwarf_to_unw_regnum arrays in other files, not just the one dwarf_i.h.
mdeslaur
We do not support security updates for Android components, marking as ignored.