CVE-2016-6323

Name of the Vulnerable Software and Affected Versions GNU C Library versions prior to 2.25

Description The issue is related to the makecontext function in the GNU C Library, which creates execution contexts incompatible with the unwinder on ARM EABI (32-bit) platforms. This might allow attackers to cause a denial of service (hang), as demonstrated by applications compiled using gccgo, related to backtrace generation. The vulnerability is also associated with inadequate access control, allowing a remote attacker to cause a denial of service.

Recommendations For GNU C Library versions prior to 2.25, update to version 2.25 or later to resolve the issue. As a temporary workaround, consider restricting the use of the makecontext function until a patch is available.