CVE-2020-24827

Name of the Vulnerable Software and Affected Versions Libelfin version 0.3

Description A vulnerability in the dwarf::cursor::skip form function allows attackers to cause a denial of service through a segmentation fault via a crafted ELF file. The issue is related to errors in resource release. Exploitation of the vulnerability enables a remote attacker to cause a denial of service using a specially crafted ELF file.

Recommendations For Libelfin version 0.3, consider disabling the dwarf::cursor::skip form function as a temporary workaround until a patch is available. Restrict access to crafted ELF files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.