CVE-2016-9276

Опубликовано: 23 мар. 2017

Источник: debian

EPSS Низкий

Описание

The dwarf_get_aranges_list function in dwarf_arrange.c in Libdwarf before 20161124 allows remote attackers to cause a denial of service (out-of-bounds read).

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
dwarfutils	fixed	20161124-1		package
dwarfutils	no-dsa		jessie	package
dwarfutils	no-dsa		wheezy	package

Примечания

https://sourceforge.net/p/libdwarf/code/ci/583f8834083b5ef834c497f5b47797e16101a9a6/
https://blogs.gentoo.org/ago/2016/11/07/libdwarf-heap-based-buffer-overflow-in-dwarf_get_aranges_list-dwarf_arange-c
Same commit as for CVE-2016-9275. Needs the dwarf_arange.c part of the commit.

EPSS

Процентиль: 74%

0.00822

Низкий

Связанные уязвимости

CVE-2016-9276

CVSS3: 7.5

ubuntu

почти 9 лет назад

The dwarf_get_aranges_list function in dwarf_arrange.c in Libdwarf before 20161124 allows remote attackers to cause a denial of service (out-of-bounds read).

CVE-2016-9276

CVSS3: 3.3

redhat

около 9 лет назад

The dwarf_get_aranges_list function in dwarf_arrange.c in Libdwarf before 20161124 allows remote attackers to cause a denial of service (out-of-bounds read).

CVE-2016-9276

CVSS3: 7.5

nvd

почти 9 лет назад

The dwarf_get_aranges_list function in dwarf_arrange.c in Libdwarf before 20161124 allows remote attackers to cause a denial of service (out-of-bounds read).

GHSA-j6h7-j266-6vgf

CVSS3: 7.5

github

больше 3 лет назад

The dwarf_get_aranges_list function in dwarf_arrange.c in Libdwarf before 20161124 allows remote attackers to cause a denial of service (out-of-bounds read).

EPSS

Процентиль: 74%

0.00822

Низкий