CVE-2016-5044 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	High
Remote	No
Type	Arbitrary code execution
Description	A vulnerability was found in libdwarf in dwarf_elf_access.c:1071. A crafted ELF file may lead to a large offset value, which bigger than the size of target_section heap chunk, then this WRITE_UNALIGNED() function will write the value of &outval out of the heap chunk. The offset is a 64bit unsigned int value, so this is more than a heap overflow bug, but also a out-of-bound write bug.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-89	libdwarf	20161021-1	20161124-1	High	Fixed

Date	Advisory	Group	Package	Severity	Type
03 Dec 2016	ASA-201612-4	AVG-89	libdwarf	High	multiple issues

References
https://sourceforge.net/p/libdwarf/code/ci/98a3da1e8237fe0d45b67ef77f3fa5ed9ff0215f http://seclists.org/oss-sec/2016/q2/393