PT-2017-8669 · None · Libdwarf
Publicado
2017-02-17
·
Atualizado
2022-03-01
·
CVE-2016-5042
CVSS v3.1
7.5
Alta
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
libdwarf versions prior to 20160923
Description
The issue allows remote attackers to cause a denial of service, resulting in an infinite loop and crash, via a crafted DWARF section. This is due to a problem in the dwarf get aranges list function.
Recommendations
For versions prior to 20160923, update to version 20160923 or later to resolve the issue.
Exploit
Correção
Infinite Loop
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Libdwarf