Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Libdwarf Project Subscribe
Total 42 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-39170 2 Fedoraproject, Libdwarf Project 2 Fedora, Libdwarf 2022-09-29 N/A 8.8 HIGH
libdwarf 0.4.1 has a double free in _dwarf_exec_frame_instr in dwarf_frame.c.
CVE-2022-34299 1 Libdwarf Project 1 Libdwarf 2022-06-29 5.8 MEDIUM 8.1 HIGH
There is a heap-based buffer over-read in libdwarf 0.4.0. This issue is related to dwarf_global_formref_b.
CVE-2022-32200 1 Libdwarf Project 1 Libdwarf 2022-06-10 6.8 MEDIUM 7.8 HIGH
libdwarf 0.4.0 has a heap-based buffer over-read in _dwarf_check_string_valid in dwarf_util.c.
CVE-2016-7410 1 Libdwarf Project 1 Libdwarf 2022-04-11 4.3 MEDIUM 5.5 MEDIUM
The _dwarf_read_loc_section function in dwarf_loc.c in libdwarf 20160613 allows attackers to cause a denial of service (buffer over-read) via a crafted file.
CVE-2015-8538 1 Libdwarf Project 1 Libdwarf 2022-04-06 4.3 MEDIUM 6.5 MEDIUM
dwarf_leb.c in libdwarf allows attackers to cause a denial of service (SIGSEGV).
CVE-2017-9998 1 Libdwarf Project 1 Libdwarf 2022-03-01 4.3 MEDIUM 6.5 MEDIUM
The _dwarf_decode_s_leb128_chk function in dwarf_leb.c in libdwarf through 2017-06-28 allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file.
CVE-2017-9055 1 Libdwarf Project 1 Libdwarf 2022-03-01 7.5 HIGH 9.8 CRITICAL
An issue, also known as DW201703-001, was discovered in libdwarf 2017-03-21. In dwarf_formsdata() a few data types were not checked for being in bounds, leading to a heap-based buffer over-read.
CVE-2016-9276 1 Libdwarf Project 1 Libdwarf 2022-03-01 5.0 MEDIUM 7.5 HIGH
The dwarf_get_aranges_list function in dwarf_arrange.c in Libdwarf before 20161124 allows remote attackers to cause a denial of service (out-of-bounds read).
CVE-2016-9558 1 Libdwarf Project 1 Libdwarf 2022-03-01 7.5 HIGH 9.8 CRITICAL
(1) libdwarf/dwarf_leb.c and (2) dwarfdump/print_frames.c in libdwarf before 20161124 allow remote attackers to have unspecified impact via a crafted bit pattern in a signed leb number, aka a "negation overflow."
CVE-2017-9054 1 Libdwarf Project 1 Libdwarf 2022-03-01 7.5 HIGH 9.8 CRITICAL
An issue, also known as DW201703-002, was discovered in libdwarf 2017-03-21. In _dwarf_decode_s_leb128_chk() a byte pointer was dereferenced just before it was checked for being in bounds, leading to a heap-based buffer over-read.
CVE-2016-9275 1 Libdwarf Project 1 Libdwarf 2022-03-01 5.0 MEDIUM 7.5 HIGH
Heap-based buffer overflow in the _dwarf_skim_forms function in libdwarf/dwarf_macro5.c in Libdwarf before 20161124 allows remote attackers to cause a denial of service (out-of-bounds read).
CVE-2017-9053 1 Libdwarf Project 1 Libdwarf 2022-03-01 6.4 MEDIUM 9.1 CRITICAL
An issue, also known as DW201703-005, was discovered in libdwarf 2017-03-21. A heap-based buffer over-read in _dwarf_read_loc_expr_op() is due to a failure to check a pointer for being in bounds (in a few places in this function).
CVE-2016-8680 1 Libdwarf Project 1 Libdwarf 2022-03-01 4.3 MEDIUM 6.5 MEDIUM
The _dwarf_get_abbrev_for_code function in dwarf_util.c in libdwarf 20161001 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) by calling the dwarfdump command on a crafted file.
CVE-2016-7510 1 Libdwarf Project 1 Libdwarf 2022-03-01 4.3 MEDIUM 6.5 MEDIUM
The read_line_table_program function in dwarf_line_table_reader_common.c in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read) via crafted input.
CVE-2016-8679 1 Libdwarf Project 1 Libdwarf 2022-03-01 4.3 MEDIUM 6.5 MEDIUM
The _dwarf_get_size_of_val function in libdwarf/dwarf_util.c in Libdwarf before 20161124 allows remote attackers to cause a denial of service (out-of-bounds read) by calling the dwarfdump command on a crafted file.
CVE-2016-5044 1 Libdwarf Project 1 Libdwarf 2022-03-01 5.0 MEDIUM 7.5 HIGH
The WRITE_UNALIGNED function in dwarf_elf_access.c in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via a crafted DWARF section.
CVE-2016-5042 1 Libdwarf Project 1 Libdwarf 2022-03-01 5.0 MEDIUM 7.5 HIGH
The dwarf_get_aranges_list function in libdwarf before 20160923 allows remote attackers to cause a denial of service (infinite loop and crash) via a crafted DWARF section.
CVE-2016-5043 1 Libdwarf Project 1 Libdwarf 2022-03-01 5.0 MEDIUM 7.5 HIGH
The dwarf_dealloc function in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted DWARF section.
CVE-2016-5041 1 Libdwarf Project 1 Libdwarf 2022-03-01 5.0 MEDIUM 7.5 HIGH
dwarf_macro5.c in libdwarf before 20160923 allows remote attackers to cause a denial of service (NULL pointer dereference) via a debugging information entry using DWARF5 and without a DW_AT_name.
CVE-2016-5039 1 Libdwarf Project 1 Libdwarf 2022-03-01 5.0 MEDIUM 7.5 HIGH
The get_attr_value function in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted object with all-bits on.