PT-2017-9727 · None · Libdwarf
Adam Mariš
·
Publicado
2017-02-15
·
Atualizado
2022-03-01
·
CVE-2016-8679
CVSS v3.1
6.5
Média
| Vetor | AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Libdwarf versions prior to 20161124
Description
The issue allows remote attackers to cause a denial of service, specifically an out-of-bounds read, by calling the dwarfdump command on a crafted file. This is due to a problem in the
dwarf get size of val function in libdwarf/dwarf util.c.Recommendations
For versions prior to 20161124, update to version 20161124 or later to resolve the issue. As a temporary workaround, consider avoiding the use of the dwarfdump command on untrusted files until the update is applied.
Exploit
Correção
Out of bounds Read
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Libdwarf