CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-27545
https://notcve.org/view.php?id=CVE-2020-27545
libdwarf before 20201017 has a one-byte out-of-bounds read because of an invalid pointer dereference via an invalid line table in a crafted object. • http://web.archive.org/web/20190601140703/https://sourceforge.net/projects/libdwarf https://bugzilla.redhat.com/show_bug.cgi?id=2025694 https://github.com/davea42/libdwarf-code/commit/95f634808c01f1c61bbec56ed2395af997f397ea https://sourceforge.net/projects/libdwarf https://www.prevanders.net/dwarfbug.html#DW202010-001 • CWE-763: Release of Invalid Pointer or Reference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-28163
https://notcve.org/view.php?id=CVE-2020-28163
libdwarf before 20201201 allows a dwarf_print_lines.c NULL pointer dereference and application crash via a DWARF5 line-table header that has an invalid FORM for a pathname. • http://web.archive.org/web/20190601140703/https://sourceforge.net/projects/libdwarf https://bugzilla.redhat.com/show_bug.cgi?id=2026000 https://github.com/davea42/libdwarf-code/commit/faf99408e3f9f706fc3809dd400e831f989778d3 https://www.prevanders.net/dwarfbug.html#DW202010-003 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-14249
https://notcve.org/view.php?id=CVE-2019-14249
dwarf_elf_load_headers.c in libdwarf before 2019-07-05 allows attackers to cause a denial of service (division by zero) via an ELF file with a zero-size section group (SHT_GROUP), as demonstrated by dwarfdump. En el archivo dwarf_elf_load_headers.c en libdwarf antes del 05-07-2019 permite a los atacantes causar una denegación de servicio (división por cero) por medio de un archivo ELF con un grupo de sección de tamaño cero (SHT_GROUP), como es demostrado por dwarfdump. • http://www.securityfocus.com/bid/109380 https://sourceforge.net/p/libdwarf/code/ci/cb7198abde46c2ae29957ad460da6886eaa606ba/tree/libdwarf/dwarf_elf_load_headers.c?diff=99e77c3894877a1dd80b82808d8309eded4e5599 https://sourceforge.net/p/libdwarf/code/merge-requests/4 • CWE-369: Divide By Zero •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-9482
https://notcve.org/view.php?id=CVE-2014-9482
Use-after-free vulnerability in dwarfdump in libdwarf 20130126 through 20140805 might allow remote attackers to cause a denial of service (program crash) via a crafted ELF file. Vulnerabilidad de uso de memoria previamente liberada en dwarfdump en libdwarf 20130126 hasta la versión 20140805 podría permitir que atacantes remotos provoquen una denegación de servicio (cierre inesperado del programa) mediante un archivo ELF manipulado. • http://www.openwall.com/lists/oss-security/2014/12/31/3 http://www.openwall.com/lists/oss-security/2015/01/03/14 http://www.securityfocus.com/bid/71839 https://bugzilla.redhat.com/show_bug.cgi?id=1178725 • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-9998
https://notcve.org/view.php?id=CVE-2017-9998
The _dwarf_decode_s_leb128_chk function in dwarf_leb.c in libdwarf through 2017-06-28 allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file. La función _dwarf_decode_s_leb128_chk del archivo dward_leb.c en libdward hasta el 28-06-2017 permite a un atacante remoto causar una denegación de servicio (fallo de segmentación) mediante la manipulación del archivo. • http://www.securityfocus.com/bid/99310 https://bugzilla.redhat.com/show_bug.cgi?id=1465756 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •