Vulnerabilities > Libdwarf Project

DATE CVE VULNERABILITY TITLE RISK
2023-04-16 CVE-2020-27545 Release of Invalid Pointer or Reference vulnerability in Libdwarf Project Libdwarf
libdwarf before 20201017 has a one-byte out-of-bounds read because of an invalid pointer dereference via an invalid line table in a crafted object.
network
low complexity
libdwarf-project CWE-763
6.5
2023-04-16 CVE-2020-28163 NULL Pointer Dereference vulnerability in Libdwarf Project Libdwarf
libdwarf before 20201201 allows a dwarf_print_lines.c NULL pointer dereference and application crash via a DWARF5 line-table header that has an invalid FORM for a pathname.
network
low complexity
libdwarf-project CWE-476
6.5
2022-09-02 CVE-2022-39170 Double Free vulnerability in multiple products
libdwarf 0.4.1 has a double free in _dwarf_exec_frame_instr in dwarf_frame.c.
network
low complexity
libdwarf-project fedoraproject CWE-415
8.8
2022-06-23 CVE-2022-34299 Out-of-bounds Read vulnerability in Libdwarf Project Libdwarf 0.4.0
There is a heap-based buffer over-read in libdwarf 0.4.0.
5.8
2022-06-02 CVE-2022-32200 Out-of-bounds Read vulnerability in Libdwarf Project Libdwarf 0.4.0
libdwarf 0.4.0 has a heap-based buffer over-read in _dwarf_check_string_valid in dwarf_util.c.
6.8
2019-07-24 CVE-2019-14249 Divide By Zero vulnerability in Libdwarf Project Libdwarf
dwarf_elf_load_headers.c in libdwarf before 2019-07-05 allows attackers to cause a denial of service (division by zero) via an ELF file with a zero-size section group (SHT_GROUP), as demonstrated by dwarfdump.
4.3
2018-01-16 CVE-2014-9482 Use After Free vulnerability in Libdwarf Project Libdwarf
Use-after-free vulnerability in dwarfdump in libdwarf 20130126 through 20140805 might allow remote attackers to cause a denial of service (program crash) via a crafted ELF file.
4.3
2017-06-28 CVE-2017-9998 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libdwarf Project Libdwarf
The _dwarf_decode_s_leb128_chk function in dwarf_leb.c in libdwarf through 2017-06-28 allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file.
4.3
2017-06-07 CVE-2015-8538 Improper Input Validation vulnerability in Libdwarf Project Libdwarf
dwarf_leb.c in libdwarf allows attackers to cause a denial of service (SIGSEGV).
4.3
2017-05-18 CVE-2017-9055 Out-of-bounds Read vulnerability in Libdwarf Project Libdwarf 20170321
An issue, also known as DW201703-001, was discovered in libdwarf 2017-03-21.
network
low complexity
libdwarf-project CWE-125
7.5