CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-27545
https://notcve.org/view.php?id=CVE-2020-27545
15 Apr 2023 — libdwarf before 20201017 has a one-byte out-of-bounds read because of an invalid pointer dereference via an invalid line table in a crafted object. • http://web.archive.org/web/20190601140703/https://sourceforge.net/projects/libdwarf • CWE-763: Release of Invalid Pointer or Reference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-28163
https://notcve.org/view.php?id=CVE-2020-28163
15 Apr 2023 — libdwarf before 20201201 allows a dwarf_print_lines.c NULL pointer dereference and application crash via a DWARF5 line-table header that has an invalid FORM for a pathname. • http://web.archive.org/web/20190601140703/https://sourceforge.net/projects/libdwarf • CWE-476: NULL Pointer Dereference •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-39170
https://notcve.org/view.php?id=CVE-2022-39170
02 Sep 2022 — libdwarf 0.4.1 has a double free in _dwarf_exec_frame_instr in dwarf_frame.c. libdwarf versión 0.4.1, presenta una doble liberación en la función _dwarf_exec_frame_instr en el archivo dwarf_frame.c • https://github.com/davea42/libdwarf-code/commit/60303eb80ecc7747bf29776d545e2a5c5a76f6f8 • CWE-415: Double Free •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-34299
https://notcve.org/view.php?id=CVE-2022-34299
22 Jun 2022 — There is a heap-based buffer over-read in libdwarf 0.4.0. This issue is related to dwarf_global_formref_b. Se presenta una lectura excesiva del búfer en la región heap de la memoria en libdwarf versión 0.4.0. Este problema está relacionado con dwarf_global_formref_b • https://github.com/davea42/libdwarf-code/commit/7ef09e1fc9ba07653dd078edb2408631c7969162 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-32200 – Ubuntu Security Notice USN-7576-1
https://notcve.org/view.php?id=CVE-2022-32200
01 Jun 2022 — libdwarf 0.4.0 has a heap-based buffer over-read in _dwarf_check_string_valid in dwarf_util.c. libdwarf versión 0.4.0, presenta una lectura excesiva del búfer en la región heap de la memoria en la función _dwarf_check_string_valid en el archivo dwarf_util.c It was discovered that dwarfutils did not correctly certain memory operations, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. • https://github.com/davea42/libdwarf-code/commit/8151575a6ace77d005ca5bb5d71c1bfdba3f7069 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-14249
https://notcve.org/view.php?id=CVE-2019-14249
24 Jul 2019 — dwarf_elf_load_headers.c in libdwarf before 2019-07-05 allows attackers to cause a denial of service (division by zero) via an ELF file with a zero-size section group (SHT_GROUP), as demonstrated by dwarfdump. En el archivo dwarf_elf_load_headers.c en libdwarf antes del 05-07-2019 permite a los atacantes causar una denegación de servicio (división por cero) por medio de un archivo ELF con un grupo de sección de tamaño cero (SHT_GROUP), como es demostrado por dwarfdump. • http://www.securityfocus.com/bid/109380 • CWE-369: Divide By Zero •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-9482
https://notcve.org/view.php?id=CVE-2014-9482
16 Jan 2018 — Use-after-free vulnerability in dwarfdump in libdwarf 20130126 through 20140805 might allow remote attackers to cause a denial of service (program crash) via a crafted ELF file. Vulnerabilidad de uso de memoria previamente liberada en dwarfdump en libdwarf 20130126 hasta la versión 20140805 podría permitir que atacantes remotos provoquen una denegación de servicio (cierre inesperado del programa) mediante un archivo ELF manipulado. • http://www.openwall.com/lists/oss-security/2014/12/31/3 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-9998
https://notcve.org/view.php?id=CVE-2017-9998
28 Jun 2017 — The _dwarf_decode_s_leb128_chk function in dwarf_leb.c in libdwarf through 2017-06-28 allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file. La función _dwarf_decode_s_leb128_chk del archivo dward_leb.c en libdward hasta el 28-06-2017 permite a un atacante remoto causar una denegación de servicio (fallo de segmentación) mediante la manipulación del archivo. • http://www.securityfocus.com/bid/99310 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8538
https://notcve.org/view.php?id=CVE-2015-8538
07 Jun 2017 — dwarf_leb.c in libdwarf allows attackers to cause a denial of service (SIGSEGV). dwarf_leb.c en libdwarf presenta una vulnerabilidad que permite a atacantes remotos causar una denegación de servicio (SIGSEGV). • http://www.openwall.com/lists/oss-security/2015/12/10/3 • CWE-20: Improper Input Validation •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9053
https://notcve.org/view.php?id=CVE-2017-9053
18 May 2017 — An issue, also known as DW201703-005, was discovered in libdwarf 2017-03-21. A heap-based buffer over-read in _dwarf_read_loc_expr_op() is due to a failure to check a pointer for being in bounds (in a few places in this function). Un problema, que también se conoce como DW201703-005, se detectó en libdwarf el 21-03-2017. Una lectura excesiva de búfer en la región heap de la memoria en la función _dwarf_read_loc_expr_op() debido a un fallo al comprobar que un puntero este dentro de límites (en algunos lugare... • https://www.prevanders.net/dwarfbug.html • CWE-125: Out-of-bounds Read •