CVE-2016-5044 - log back

CVE-2016-5044 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Local
Type
+ Arbitrary code execution
Description
+ A vulnerability was found in libdwarf in dwarf_elf_access.c:1071. A crafted ELF file may lead to a large offset value, which bigger than the size of target_section heap chunk, then this WRITE_UNALIGNED() function will write the value of &outval out of the heap chunk. The offset is a 64bit unsigned int value, so this is more than a heap overflow bug, but also a out-of-bound write bug.
References
+ https://sourceforge.net/p/libdwarf/code/ci/98a3da1e8237fe0d45b67ef77f3fa5ed9ff0215f
+ http://seclists.org/oss-sec/2016/q2/393
Notes