Boletines de Vulnerabilidades

DSA-3889 libffi - security update


Información sobre el sistema

   
Software afectado Debian

Descripción

libffi, a library used to call code written in one language from code writtenin a different language, was enforcing an executable stack on the i386architecture. While this might not be considered a vulnerability by itself,this could be leveraged when exploiting other vulnerabilities, like for examplethe stack clash class of vulnerabilities discovered by Qualys Research Labs.For the full details, please refer to their advisory published

More info:

https://www.debian.org/security/2017/dsa-3889

Identificadores estándar

Propiedad Valor
CVE CVE-2017-1000 and DSA-3889.

Histórico de versiones

Versión Comentario Fecha
1.0 Advisory issued 2017-06-21

Miembros de

Ministerio de Defensa
CNI
CCN
CCN-CERT