CVE-2016-5042

Опубликовано: 17 фев. 2017

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 5

CVSS3: 7.5

Описание

The dwarf_get_aranges_list function in libdwarf before 20160923 allows remote attackers to cause a denial of service (infinite loop and crash) via a crafted DWARF section.

Релиз	Статус	Примечание
devel	not-affected	20160507-1
esm-apps/xenial	released	20120410-2+deb7u2build0.16.04.1
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was released [20120410-2+deb7u2build0.14.04.1]]
precise	ignored	end of life
precise/esm	DNE	precise was needs-triage
trusty	released	20120410-2+deb7u2build0.14.04.1
trusty/esm	DNE	trusty was released [20120410-2+deb7u2build0.14.04.1]
upstream	released	20160507-1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE

Показывать по

Ссылки на источники

https://www.cve.org/CVERecord?id=CVE-2016-5042

EPSS

Процентиль: 76%

0.00993

Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

CVE-2016-5042

redhat

почти 10 лет назад

The dwarf_get_aranges_list function in libdwarf before 20160923 allows remote attackers to cause a denial of service (infinite loop and crash) via a crafted DWARF section.

CVE-2016-5042

CVSS3: 7.5

nvd

почти 9 лет назад

The dwarf_get_aranges_list function in libdwarf before 20160923 allows remote attackers to cause a denial of service (infinite loop and crash) via a crafted DWARF section.

CVE-2016-5042

CVSS3: 7.5

debian

почти 9 лет назад

The dwarf_get_aranges_list function in libdwarf before 20160923 allows ...

GHSA-xgfr-63pq-c6gp

CVSS3: 7.5

github

больше 3 лет назад

The dwarf_get_aranges_list function in libdwarf before 20160923 allows remote attackers to cause a denial of service (infinite loop and crash) via a crafted DWARF section.

EPSS

Процентиль: 76%

0.00993

Низкий

5 Medium

CVSS2

7.5 High

CVSS3

CVE-2016-5042

Описание

Пакет dwarfutils

Ссылки на источники

Связанные уязвимости