CVE-2024-2002

Published: 17 Feb 2024
Source: redhat
CVSS3: 7.5
EPSS: Low

Description

A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results.

Report

The double deallocation issue in libdwarf represents a moderate severity concern due to its potential to cause memory corruption and undefined behavior within the application. When memory is deallocated twice, it can lead to a range of unpredictable outcomes, including crashes, data corruption, and vulnerabilities that could be exploited maliciously. In a multi-threaded environment or in complex applications relying on libdwarf, such issues can be particularly challenging to diagnose and rectify. Additionally, the inconsistency in memory management can propagate errors across different parts of the software, complicating debugging efforts and potentially compromising the stability and security of the system.

Mitigation

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Affected packages

| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 7 | libdwarf | Out of support scope | | |
| Red Hat Enterprise Linux 8 | libdwarf | Not affected | | |


Additional information

Status: Moderate
Defect: CWE-415
https://bugzilla.redhat.com/show_bug.cgi?id=2267700 libdwarf: crashes randomly on fuzzed object

EPSS: 0.00106 (percentile: 30%, Low)

CVSS3: 7.5 High

Related vulnerabilities

CVSS3: 7.5
ubuntu
more than 1 year ago

A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results.

CVSS3: 7.5
nvd
more than 1 year ago

A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results.

CVSS3: 7.5
msrc
more than 1 year ago

No description available

CVSS3: 7.5
debian
more than 1 year ago

A double-free vulnerability was found in libdwarf. In a multiply-corru ...

CVSS3: 7.5
redos
9 months ago

libdwarf vulnerability
