Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2020-28163

Опубликовано: 23 нояб. 2021
Источник: redhat
CVSS3: 6.5
EPSS Низкий

Описание

libdwarf before 20201201 allows a dwarf_print_lines.c NULL pointer dereference and application crash via a DWARF5 line-table header that has an invalid FORM for a pathname.

A flaw was found in libdwarf. A possible null pointer dereference vulnerability allows an attacker to input a specially crafted file, leading to a crash. The highest threat from this vulnerability is to system availability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 7libdwarfOut of support scope
Red Hat Enterprise Linux 8libdwarfWill not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-476
https://bugzilla.redhat.com/show_bug.cgi?id=2026685libdwarf: NULL pointer dereference due to corrupt line table header

EPSS

Процентиль: 30%
0.00111
Низкий

6.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2020-28163

CVSS3: 6.5
ubuntu
почти 3 года назад

libdwarf before 20201201 allows a dwarf_print_lines.c NULL pointer dereference and application crash via a DWARF5 line-table header that has an invalid FORM for a pathname.

nvd логотип

CVE-2020-28163

CVSS3: 6.5
nvd
почти 3 года назад

libdwarf before 20201201 allows a dwarf_print_lines.c NULL pointer dereference and application crash via a DWARF5 line-table header that has an invalid FORM for a pathname.

msrc логотип

CVE-2020-28163

CVSS3: 6.5
msrc
5 месяцев назад

libdwarf before 20201201 allows a dwarf_print_lines.c NULL pointer dereference and application crash via a DWARF5 line-table header that has an invalid FORM for a pathname.

debian логотип

CVE-2020-28163

CVSS3: 6.5
debian
почти 3 года назад

libdwarf before 20201201 allows a dwarf_print_lines.c NULL pointer der ...

github логотип

GHSA-7732-hqr2-cr7r

CVSS3: 6.5
github
почти 3 года назад

libdwarf before 20201201 allows a dwarf_print_lines.c NULL pointer dereference and application crash via a DWARF5 line-table header that has an invalid FORM for a pathname.

EPSS

Процентиль: 30%
0.00111
Низкий

6.5 Medium

CVSS3