It was discovered that libffi incorrectly enforced an executable stack. An attacker could possibly use this issue, in combination with another vulnerability, to facilitate executing arbitrary code.
{ "availability": "No subscription required", "binaries": [ { "binary_name": "libffi-dev", "binary_version": "3.1~rc1+r3.0.13-12ubuntu0.2" }, { "binary_name": "libffi-dev-dbgsym", "binary_version": "3.1~rc1+r3.0.13-12ubuntu0.2" }, { "binary_name": "libffi6", "binary_version": "3.1~rc1+r3.0.13-12ubuntu0.2" }, { "binary_name": "libffi6-dbg", "binary_version": "3.1~rc1+r3.0.13-12ubuntu0.2" }, { "binary_name": "libffi6-dbgsym", "binary_version": "3.1~rc1+r3.0.13-12ubuntu0.2" }, { "binary_name": "libffi6-udeb", "binary_version": "3.1~rc1+r3.0.13-12ubuntu0.2" }, { "binary_name": "libffi6-udeb-dbgsym", "binary_version": "3.1~rc1+r3.0.13-12ubuntu0.2" } ] }