Описание
libdwarf 0.4.0 has a heap-based buffer over-read in _dwarf_check_string_valid in dwarf_util.c.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| dwarfutils | fixed | 1:0.11.1-1~exp1 | experimental | package |
| dwarfutils | fixed | 1:0.11.1-1 | package | |
| dwarfutils | ignored | bookworm | package | |
| dwarfutils | no-dsa | bullseye | package | |
| dwarfutils | no-dsa | buster | package | |
| dwarfutils | no-dsa | stretch | package |
Примечания
Fixed by: https://github.com/davea42/libdwarf-code/commit/8151575a6ace77d005ca5bb5d71c1bfdba3f7069 (libdwarf-0.4.1)
https://github.com/davea42/libdwarf-code/issues/116
https://www.prevanders.net/dwarfbug.html#DW202205-001
Связанные уязвимости
CVSS3: 7.8
ubuntu
больше 3 лет назад
libdwarf 0.4.0 has a heap-based buffer over-read in _dwarf_check_string_valid in dwarf_util.c.
CVSS3: 7.8
nvd
больше 3 лет назад
libdwarf 0.4.0 has a heap-based buffer over-read in _dwarf_check_string_valid in dwarf_util.c.
CVSS3: 7.8
github
больше 3 лет назад
libdwarf 0.4.0 has a heap-based buffer over-read in _dwarf_check_string_valid in dwarf_util.c.