Описание
A vulnerability in the dwarf::to_string function of Libelfin v0.3 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted ELF file.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| libelfin | removed | package | ||
| libelfin | ignored | bookworm | package | |
| libelfin | no-dsa | bullseye | package | |
| libelfin | no-dsa | buster | package | |
| libelfin | no-dsa | stretch | package |
Примечания
https://github.com/aclements/libelfin/issues/51
https://github.com/xiaoxiongwang/function_bugs/tree/master/libelfin#segv-in-function-dwarfto_string-at-dwarfvaluecc300
EPSS
Связанные уязвимости
A vulnerability in the dwarf::to_string function of Libelfin v0.3 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted ELF file.
A vulnerability in the dwarf::to_string function of Libelfin v0.3 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted ELF file.
A vulnerability in the dwarf::to_string function of Libelfin v0.3 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted ELF file.
Уязвимость функции dwarf::to_string библиотеки для чтения файлов ELF и DWARFv4 Libelfin, позволяющая нарушителю вызвать отказ в обслуживании
EPSS