CVE-2016-5042

Опубликовано: 17 фев. 2017

Источник: debian

Описание

The dwarf_get_aranges_list function in libdwarf before 20160923 allows remote attackers to cause a denial of service (infinite loop and crash) via a crafted DWARF section.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
dwarfutils	fixed	20160507-1		package
dwarfutils	fixed	20120410-2+deb8u1	jessie	package

Примечания

https://sourceforge.net/p/libdwarf/code/ci/98a3da1e8237fe0d45b67ef77f3fa5ed9ff0215f/

Связанные уязвимости

CVE-2016-5042

CVSS3: 7.5

ubuntu

почти 9 лет назад

The dwarf_get_aranges_list function in libdwarf before 20160923 allows remote attackers to cause a denial of service (infinite loop and crash) via a crafted DWARF section.

CVE-2016-5042

redhat

почти 10 лет назад

The dwarf_get_aranges_list function in libdwarf before 20160923 allows remote attackers to cause a denial of service (infinite loop and crash) via a crafted DWARF section.

CVE-2016-5042

CVSS3: 7.5

nvd

почти 9 лет назад

The dwarf_get_aranges_list function in libdwarf before 20160923 allows remote attackers to cause a denial of service (infinite loop and crash) via a crafted DWARF section.

GHSA-xgfr-63pq-c6gp

CVSS3: 7.5

github

больше 3 лет назад

The dwarf_get_aranges_list function in libdwarf before 20160923 allows remote attackers to cause a denial of service (infinite loop and crash) via a crafted DWARF section.