CVE-2017-9055

Опубликовано: 18 мая 2017

Источник: debian

Описание

An issue, also known as DW201703-001, was discovered in libdwarf 2017-03-21. In dwarf_formsdata() a few data types were not checked for being in bounds, leading to a heap-based buffer over-read.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
dwarfutils	fixed	20170416-2		package
dwarfutils	fixed	20161124-1+deb9u1	stretch	package
dwarfutils	no-dsa		jessie	package
dwarfutils	no-dsa		wheezy	package

Примечания

https://www.prevanders.net/dwarfbug.html#DW201703-001

Связанные уязвимости

CVE-2017-9055

CVSS3: 9.8

ubuntu

больше 8 лет назад

An issue, also known as DW201703-001, was discovered in libdwarf 2017-03-21. In dwarf_formsdata() a few data types were not checked for being in bounds, leading to a heap-based buffer over-read.

CVE-2017-9055

CVSS3: 3.3

redhat

почти 9 лет назад

An issue, also known as DW201703-001, was discovered in libdwarf 2017-03-21. In dwarf_formsdata() a few data types were not checked for being in bounds, leading to a heap-based buffer over-read.

CVE-2017-9055

CVSS3: 9.8

nvd

больше 8 лет назад

An issue, also known as DW201703-001, was discovered in libdwarf 2017-03-21. In dwarf_formsdata() a few data types were not checked for being in bounds, leading to a heap-based buffer over-read.

GHSA-jhp8-f6xc-jffq

CVSS3: 9.8

github

больше 3 лет назад

An issue, also known as DW201703-001, was discovered in libdwarf 2017-03-21. In dwarf_formsdata() a few data types were not checked for being in bounds, leading to a heap-based buffer over-read.