Vulnerabilities (CVE)

Filtered by vendor Libdwarf Project Subscribe

Filtered by product Libdwarf

Total 44 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2017-9052	1 Libdwarf Project	1 Libdwarf	2019-10-18	7.5 HIGH	9.8 CRITICAL
An issue, also known as DW201703-006, was discovered in libdwarf 2017-03-21. A heap-based buffer over-read in dwarf_formsdata() is due to a failure to check a pointer for being in bounds (in a few places in this function) and a failure in a check in dwarf_attr_list().
CVE-2016-2091	1 Libdwarf Project	1 Libdwarf	2019-10-02	4.3 MEDIUM	3.3 LOW
The dwarf_read_cie_fde_prefix function in dwarf_frame2.c in libdwarf 20151114 allows attackers to cause a denial of service (out-of-bounds read) via a crafted ELF object file.
CVE-2019-14249	1 Libdwarf Project	1 Libdwarf	2019-08-05	4.3 MEDIUM	6.5 MEDIUM
dwarf_elf_load_headers.c in libdwarf before 2019-07-05 allows attackers to cause a denial of service (division by zero) via an ELF file with a zero-size section group (SHT_GROUP), as demonstrated by dwarfdump.
CVE-2016-9480	1 Libdwarf Project	1 Libdwarf	2016-12-22	6.4 MEDIUM	9.1 CRITICAL
libdwarf 2016-10-21 allows context-dependent attackers to obtain sensitive information or cause a denial of service by using the "malformed dwarf file" approach, related to a "Heap Buffer Over-read" issue affecting the dwarf_util.c component, aka DW201611-006.