CVE-2016-5044 log

Severity High
Remote No
Type Arbitrary code execution
A vulnerability was found in libdwarf in dwarf_elf_access.c:1071. A crafted ELF file may lead to a large offset value, which bigger than the size of target_section heap chunk, then this WRITE_UNALIGNED() function will write the value of &outval out of the heap chunk. The offset is a 64bit unsigned int value, so this is more than a heap overflow bug, but also a out-of-bound write bug.
Group Package Affected Fixed Severity Status Ticket
AVG-89 libdwarf 20161021-1 20161124-1 High Fixed
Date Advisory Group Package Severity Type
03 Dec 2016 ASA-201612-4 AVG-89 libdwarf High multiple issues