Vulnerability Details CVE-2022-32200
libdwarf 0.4.0 has a heap-based buffer over-read in _dwarf_check_string_valid in dwarf_util.c.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.0%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 6.8
References
- https://github.com/davea42/libdwarf-code/commit/8151575a6ace77d005ca5bb5d71c1bfdba3f7069
- https://github.com/davea42/libdwarf-code/issues/116
- https://www.prevanders.net/dwarfbug.html
- https://github.com/davea42/libdwarf-code/commit/8151575a6ace77d005ca5bb5d71c1bfdba3f7069
- https://github.com/davea42/libdwarf-code/issues/116
- https://www.prevanders.net/dwarfbug.html
Products affected by CVE-2022-32200
-
cpe:2.3:a:libdwarf_project:libdwarf:0.4.0