CVE-2019-14249

Name of the Vulnerable Software and Affected Versions libdwarf versions prior to 2019-07-05

Description The issue is related to errors in handling division by zero in the dwarf elf load headers.c component of the libdwarf library, which provides access to DWARF debugging information. This can be exploited by an attacker to cause a denial of service via a specially crafted ELF file with a zero-size section group (SHT GROUP). The exploitation of this issue may allow a remote attacker to cause a denial of service.

Recommendations For versions prior to 2019-07-05, update to a version released after 2019-07-05 to resolve the issue. As a temporary workaround, consider restricting access to ELF files with zero-size section groups to minimize the risk of exploitation.