CVE-2024-2002

Опубликовано: 18 мар. 2024

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results.

Ссылки

https://access.redhat.com/security/cve/CVE-2024-2002
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2267700
Issue Tracking
https://github.com/davea42/libdwarf-code/blob/main/bugxml/data.txt
Third Party Advisory
https://access.redhat.com/security/cve/CVE-2024-2002
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2267700
Issue Tracking
https://github.com/davea42/libdwarf-code/blob/main/bugxml/data.txt
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGPVLSPIXR32J6FOAFTTIMYTUUXJICGW/
Mailing List

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:libdwarf_project:libdwarf:*:*:*:*:*:*:*:*

Версия от 0.1.0 (включая) до 0.9.2 (исключая)

Конфигурация 2

Одно из

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

Конфигурация 3

cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*

EPSS

Процентиль: 30%

0.00106

Низкий

7.5 High

CVSS3

Дефекты

CWE-415

Связанные уязвимости

CVE-2024-2002

CVSS3: 7.5

ubuntu

больше 1 года назад

A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results.

CVE-2024-2002

CVSS3: 7.5

redhat

больше 1 года назад

A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results.

CVE-2024-2002

CVSS3: 7.5

msrc

больше 1 года назад

Описание отсутствует

CVE-2024-2002

CVSS3: 7.5

debian

больше 1 года назад

A double-free vulnerability was found in libdwarf. In a multiply-corru ...

ROS-20241008-01

CVSS3: 7.5

redos

9 месяцев назад

Уязвимость libdwarf

EPSS

Процентиль: 30%

0.00106

Низкий

7.5 High

CVSS3

Дефекты

CWE-415