CVE-2020-24821

Name of the Vulnerable Software and Affected Versions Libelfin version 0.3

Description The issue is related to the dwarf::cursor::skip form function in Libelfin, which can be exploited by attackers to cause a denial of service (DOS) through a segmentation fault. This can be achieved by using a crafted ELF file. The vulnerability is associated with insufficient neutralization of special elements in the request, allowing a remote attacker to disrupt service.

Recommendations For Libelfin version 0.3, consider disabling the dwarf::cursor::skip form function as a temporary workaround until a patch is available. Restrict access to the dwarf::cursor::skip form function to minimize the risk of exploitation. Avoid using crafted ELF files that could trigger the denial of service.