CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Libdwarf Project » Libdwarf » * * * * : Security Vulnerabilities

Cpe Name:cpe:2.3:a:libdwarf_project:libdwarf:*:*:*:*:*:*:*:*
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2019-14249 369 DoS 2019-07-24 2019-08-05
4.3
None Remote Medium Not required None None Partial
dwarf_elf_load_headers.c in libdwarf before 2019-07-05 allows attackers to cause a denial of service (division by zero) via an ELF file with a zero-size section group (SHT_GROUP), as demonstrated by dwarfdump.
2 CVE-2017-9998 119 DoS Overflow 2017-06-28 2022-03-01
4.3
None Remote Medium Not required None None Partial
The _dwarf_decode_s_leb128_chk function in dwarf_leb.c in libdwarf through 2017-06-28 allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file.
3 CVE-2016-9558 190 Overflow 2017-02-28 2022-03-01
7.5
None Remote Low Not required Partial Partial Partial
(1) libdwarf/dwarf_leb.c and (2) dwarfdump/print_frames.c in libdwarf before 20161124 allow remote attackers to have unspecified impact via a crafted bit pattern in a signed leb number, aka a "negation overflow."
4 CVE-2016-9276 125 DoS 2017-03-23 2022-03-01
5.0
None Remote Low Not required None None Partial
The dwarf_get_aranges_list function in dwarf_arrange.c in Libdwarf before 20161124 allows remote attackers to cause a denial of service (out-of-bounds read).
5 CVE-2016-9275 787 DoS Overflow 2017-03-23 2022-03-01
5.0
None Remote Low Not required None None Partial
Heap-based buffer overflow in the _dwarf_skim_forms function in libdwarf/dwarf_macro5.c in Libdwarf before 20161124 allows remote attackers to cause a denial of service (out-of-bounds read).
6 CVE-2016-8681 125 DoS 2017-02-15 2020-06-11
4.3
None Remote Medium Not required None None Partial
The _dwarf_get_abbrev_for_code function in dwarf_util.c in libdwarf 20161001 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) by calling the dwarfdump command on a crafted file.
7 CVE-2016-8680 125 DoS 2017-02-15 2022-03-01
4.3
None Remote Medium Not required None None Partial
The _dwarf_get_abbrev_for_code function in dwarf_util.c in libdwarf 20161001 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) by calling the dwarfdump command on a crafted file.
8 CVE-2016-8679 125 DoS 2017-02-15 2022-03-01
4.3
None Remote Medium Not required None None Partial
The _dwarf_get_size_of_val function in libdwarf/dwarf_util.c in Libdwarf before 20161124 allows remote attackers to cause a denial of service (out-of-bounds read) by calling the dwarfdump command on a crafted file.
9 CVE-2016-7510 125 DoS 2017-02-17 2022-03-01
4.3
None Remote Medium Not required None None Partial
The read_line_table_program function in dwarf_line_table_reader_common.c in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read) via crafted input.
10 CVE-2016-5044 787 DoS 2017-02-17 2022-03-01
5.0
None Remote Low Not required None None Partial
The WRITE_UNALIGNED function in dwarf_elf_access.c in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via a crafted DWARF section.
11 CVE-2016-5043 125 DoS 2017-02-17 2022-03-01
5.0
None Remote Low Not required None None Partial
The dwarf_dealloc function in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted DWARF section.
12 CVE-2016-5042 835 DoS 2017-02-17 2022-03-01
5.0
None Remote Low Not required None None Partial
The dwarf_get_aranges_list function in libdwarf before 20160923 allows remote attackers to cause a denial of service (infinite loop and crash) via a crafted DWARF section.
13 CVE-2016-5041 476 DoS 2017-04-10 2022-03-01
5.0
None Remote Low Not required None None Partial
dwarf_macro5.c in libdwarf before 20160923 allows remote attackers to cause a denial of service (NULL pointer dereference) via a debugging information entry using DWARF5 and without a DW_AT_name.
14 CVE-2016-5040 125 DoS 2017-02-17 2022-03-01
5.0
None Remote Low Not required None None Partial
libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a large length value in a compilation unit header.
15 CVE-2016-5039 125 DoS 2017-02-17 2022-03-01
5.0
None Remote Low Not required None None Partial
The get_attr_value function in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted object with all-bits on.
16 CVE-2016-5038 125 DoS 2017-02-17 2022-03-01
5.0
None Remote Low Not required None None Partial
The dwarf_get_macro_startend_file function in dwarf_macro5.c in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted string offset for .debug_str.
17 CVE-2016-5037 476 DoS 2017-02-17 2022-03-01
4.3
None Remote Medium Not required None None Partial
The _dwarf_load_section function in libdwarf before 20160923 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
18 CVE-2016-5036 125 DoS 2017-02-17 2022-03-01
5.0
None Remote Low Not required None None Partial
The dump_block function in print_sections.c in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read) via crafted frame data.
19 CVE-2016-5035 125 DoS 2017-02-17 2022-03-01
4.3
None Remote Medium Not required None None Partial
The _dwarf_read_line_table_header function in dwarf_line_table_reader.c in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
20 CVE-2016-5034 787 DoS 2017-02-17 2022-03-01
4.3
None Remote Medium Not required None None Partial
dwarf_elf_access.c in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file, related to relocation records.
21 CVE-2016-5033 125 DoS 2017-02-17 2022-03-01
4.3
None Remote Medium Not required None None Partial
The print_exprloc_content function in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
22 CVE-2016-5032 125 DoS 2017-02-17 2022-03-01
4.3
None Remote Medium Not required None None Partial
The dwarf_get_xu_hash_entry function in libdwarf before 20160923 allows remote attackers to cause a denial of service (crash) via a crafted file.
23 CVE-2016-5031 125 DoS 2017-02-17 2022-03-01
4.3
None Remote Medium Not required None None Partial
The print_frame_inst_bytes function in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
24 CVE-2016-5030 476 DoS 2017-02-17 2022-03-01
4.3
None Remote Medium Not required None None Partial
The _dwarf_calculate_info_section_end_ptr function in libdwarf before 20160923 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
25 CVE-2016-5029 476 DoS 2017-02-17 2022-03-01
4.3
None Remote Medium Not required None None Partial
The create_fullest_file_path function in libdwarf before 20160923 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted dwarf file.
26 CVE-2016-5028 476 DoS 2017-02-17 2022-03-01
4.3
None Remote Medium Not required None None Partial
The print_frame_inst_bytes function in libdwarf before 20160923 allows remote attackers to cause a denial of service (NULL pointer dereference) via an object file with empty bss-like sections.
27 CVE-2015-8750 476 DoS 2017-02-13 2022-03-01
4.3
None Remote Medium Not required None None Partial
libdwarf 20151114 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a debug_abbrev section marked NOBITS in an ELF file.
28 CVE-2015-8538 20 DoS 2017-06-07 2022-04-06
4.3
None Remote Medium Not required None None Partial
dwarf_leb.c in libdwarf allows attackers to cause a denial of service (SIGSEGV).
29 CVE-2014-9482 416 DoS 2018-01-16 2020-01-29
4.3
None Remote Medium Not required None None Partial
Use-after-free vulnerability in dwarfdump in libdwarf 20130126 through 20140805 might allow remote attackers to cause a denial of service (program crash) via a crafted ELF file.
Total number of vulnerabilities : 29   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.