Search CVE reports
1 – 10 of 45 results
CVE-2024-2002
Medium priorityA double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results.
1 affected packages
dwarfutils
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
dwarfutils | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2020-28163
Medium prioritylibdwarf before 20201201 allows a dwarf_print_lines.c NULL pointer dereference and application crash via a DWARF5 line-table header that has an invalid FORM for a pathname.
1 affected packages
dwarfutils
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
dwarfutils | Not affected | Not affected | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2020-27545
Medium prioritylibdwarf before 20201017 has a one-byte out-of-bounds read because of an invalid pointer dereference via an invalid line table in a crafted object.
1 affected packages
dwarfutils
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
dwarfutils | Not affected | Not affected | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2022-39170
Medium prioritylibdwarf 0.4.1 has a double free in _dwarf_exec_frame_instr in dwarf_frame.c.
1 affected packages
dwarfutils
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
dwarfutils | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2022-34299
Medium priorityThere is a heap-based buffer over-read in libdwarf 0.4.0. This issue is related to dwarf_global_formref_b.
1 affected packages
dwarfutils
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
dwarfutils | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2022-32200
Medium prioritylibdwarf 0.4.0 has a heap-based buffer over-read in _dwarf_check_string_valid in dwarf_util.c.
1 affected packages
dwarfutils
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
dwarfutils | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2019-14249
Medium prioritydwarf_elf_load_headers.c in libdwarf before 2019-07-05 allows attackers to cause a denial of service (division by zero) via an ELF file with a zero-size section group (SHT_GROUP), as demonstrated by dwarfdump.
1 affected packages
dwarfutils
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
dwarfutils | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2014-9482
Medium priorityUse-after-free vulnerability in dwarfdump in libdwarf 20130126 through 20140805 might allow remote attackers to cause a denial of service (program crash) via a crafted ELF file.
1 affected packages
dwarfutils
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
dwarfutils | — | — | — | Not affected | Not affected |
CVE-2017-9998
Medium priorityThe _dwarf_decode_s_leb128_chk function in dwarf_leb.c in libdwarf through 2017-06-28 allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file.
1 affected packages
dwarfutils
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
dwarfutils | Not affected | Not affected | Not affected | Not affected | Vulnerable |
CVE-2015-8538
Medium prioritySome fixes available 2 of 5
dwarf_leb.c in libdwarf allows attackers to cause a denial of service (SIGSEGV).
1 affected packages
dwarfutils
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
dwarfutils | — | — | — | — | Fixed |