Libdwarf Project: >> Libdwarf Security Vulnerabilities
libdwarf 20151114 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a debug_abbrev section marked NOBITS in an ELF file.
CVSS Score
6.5
EPSS Score
0.006
Published
2017-02-13
The get_abbrev_array_info function in libdwarf-20151114 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted elf file.
CVSS Score
6.5
EPSS Score
0.006
Published
2017-01-31
The _dwarf_read_loc_section function in dwarf_loc.c in libdwarf 20160613 allows attackers to cause a denial of service (buffer over-read) via a crafted file.
CVSS Score
5.5
EPSS Score
0.003
Published
2017-01-23
libdwarf 2016-10-21 allows context-dependent attackers to obtain sensitive information or cause a denial of service by using the "malformed dwarf file" approach, related to a "Heap Buffer Over-read" issue affecting the dwarf_util.c component, aka DW201611-006.
CVSS Score
9.1
EPSS Score
0.004
Published
2016-11-29
The dwarf_read_cie_fde_prefix function in dwarf_frame2.c in libdwarf 20151114 allows attackers to cause a denial of service (out-of-bounds read) via a crafted ELF object file.
CVSS Score
3.3
EPSS Score
0.003
Published
2016-02-08
Page 5