CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-27545
https://notcve.org/view.php?id=CVE-2020-27545
libdwarf before 20201017 has a one-byte out-of-bounds read because of an invalid pointer dereference via an invalid line table in a crafted object. • http://web.archive.org/web/20190601140703/https://sourceforge.net/projects/libdwarf https://bugzilla.redhat.com/show_bug.cgi?id=2025694 https://github.com/davea42/libdwarf-code/commit/95f634808c01f1c61bbec56ed2395af997f397ea https://sourceforge.net/projects/libdwarf https://www.prevanders.net/dwarfbug.html#DW202010-001 • CWE-763: Release of Invalid Pointer or Reference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-28163
https://notcve.org/view.php?id=CVE-2020-28163
libdwarf before 20201201 allows a dwarf_print_lines.c NULL pointer dereference and application crash via a DWARF5 line-table header that has an invalid FORM for a pathname. • http://web.archive.org/web/20190601140703/https://sourceforge.net/projects/libdwarf https://bugzilla.redhat.com/show_bug.cgi?id=2026000 https://github.com/davea42/libdwarf-code/commit/faf99408e3f9f706fc3809dd400e831f989778d3 https://www.prevanders.net/dwarfbug.html#DW202010-003 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-14249
https://notcve.org/view.php?id=CVE-2019-14249
dwarf_elf_load_headers.c in libdwarf before 2019-07-05 allows attackers to cause a denial of service (division by zero) via an ELF file with a zero-size section group (SHT_GROUP), as demonstrated by dwarfdump. En el archivo dwarf_elf_load_headers.c en libdwarf antes del 05-07-2019 permite a los atacantes causar una denegación de servicio (división por cero) por medio de un archivo ELF con un grupo de sección de tamaño cero (SHT_GROUP), como es demostrado por dwarfdump. • http://www.securityfocus.com/bid/109380 https://sourceforge.net/p/libdwarf/code/ci/cb7198abde46c2ae29957ad460da6886eaa606ba/tree/libdwarf/dwarf_elf_load_headers.c?diff=99e77c3894877a1dd80b82808d8309eded4e5599 https://sourceforge.net/p/libdwarf/code/merge-requests/4 • CWE-369: Divide By Zero •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-9998
https://notcve.org/view.php?id=CVE-2017-9998
The _dwarf_decode_s_leb128_chk function in dwarf_leb.c in libdwarf through 2017-06-28 allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file. La función _dwarf_decode_s_leb128_chk del archivo dward_leb.c en libdward hasta el 28-06-2017 permite a un atacante remoto causar una denegación de servicio (fallo de segmentación) mediante la manipulación del archivo. • http://www.securityfocus.com/bid/99310 https://bugzilla.redhat.com/show_bug.cgi?id=1465756 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5027
https://notcve.org/view.php?id=CVE-2016-5027
dwarf_form.c in libdwarf 20160115 allows remote attackers to cause a denial of service (crash) via a crafted elf file. dwarf_form.c en libdwarf 20160115 permite a atacantes provocar una denegación de servicio (caída) a través de un archivo elf manipulado. • http://www.openwall.com/lists/oss-security/2016/05/24/1 http://www.openwall.com/lists/oss-security/2016/05/25/1 https://bugzilla.redhat.com/show_bug.cgi?id=1330237 • CWE-476: NULL Pointer Dereference •